newsmoi24h.com Open in urlscan Pro
2606:4700:3036::ac43:bdba Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Submission: On December 04 via api (December 4th 2023, 8:24:45 pm UTC) from US — Scanned from DE

Summary HTTP 407 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 54 IPs in 7 countries across 43 domains to perform 407 HTTP transactions. The main IP is 2606:4700:3036::ac43:bdba, located in United States and belongs to CLOUDFLARENET, US. The main domain is newsmoi24h.com.
TLS certificate: Issued by E1 on October 13th 2023. Valid for: 3 months.

This is the only time newsmoi24h.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2606:4700:303... 2606:4700:3036::ac43:bdba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
25	212.124.124.8 212.124.124.8	47328 (TRI-AS Di...) (TRI-AS DigitalOne AG)
3	42.112.37.34 42.112.37.34	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
21	2606:4700:1::... 2606:4700:1::6813:854c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:440... 2606:4700:4400::ac40:9281	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
65	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
4 28	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	123.30.177.125 123.30.177.125	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
55	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	141.95.33.120 141.95.33.120	16276 (OVH) (OVH)
11	2607:f8b0:400... 2607:f8b0:4002:c11::78	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	173.194.76.156 173.194.76.156	15169 (GOOGLE) (GOOGLE)
3 3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:1b::6	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:f::9	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
14	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
11 27	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	54.78.201.127 54.78.201.127	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
2 3	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
2 2	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:9449:420b:1a77:b906	16509 (AMAZON-02) (AMAZON-02)
3 6	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2	3.121.8.101 3.121.8.101	16509 (AMAZON-02) (AMAZON-02)
2 2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
3 8	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2600:9000:212... 2600:9000:2127:4e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f18:1ac... 2600:1f18:1aca:4281:7849:7d0b:9ce0:4ee	14618 (AMAZON-AES) (AMAZON-AES)
2 2	69.192.160.219 69.192.160.219	() ()
1 1	2a05:d018:d29... 2a05:d018:d29:3602:8b08:3c9:f238:ee96	() ()
2	178.250.1.9 178.250.1.9	() ()
2	142.250.186.134 142.250.186.134	() ()
2	34.98.64.218 34.98.64.218	() ()
1 1	35.204.74.118 35.204.74.118	() ()
407	54

31 2606:4700:3036::ac43:bdba (United States)

ASN13335 (CLOUDFLARENET, US)

newsmoi24h.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 212.124.124.8 (Reston, United States)

ASN47328 (TRI-AS DigitalOne AG, CH)

aj1559.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 42.112.37.34 (Ho Chi Minh City, Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)

kenh14cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:1::6813:854c (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9281 (United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 123.30.177.125 (Hanoi, Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

server.zmedia.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4002:c11::78 (Atlanta, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.76.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:1b::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5lzney.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:f::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5edn6y.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 172.217.23.98 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.12 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.201.127 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-201-127.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:9449:420b:1a77:b906 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.228.164.11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.8.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-8-101.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.35.237.56 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:4e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:1aca:4281:7849:7d0b:9ce0:4ee (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (None, ) 2 redirects

ASN- ()

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:8b08:3c9:f238:ee96 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (None, )

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (None, )

ASN- ()

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (None, ) 1 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
120	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	2 MB
61	doubleclick.net 15 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 bid.g.doubleclick.net — Cisco Umbrella Rank: 840 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 ad.doubleclick.net	533 KB
31	newsmoi24h.com newsmoi24h.com	928 KB
28	gstatic.com csi.gstatic.com fonts.gstatic.com www.gstatic.com	270 KB
27	2mdn.net 3 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1193 r1---sn-4g5lzney.c.2mdn.net — Cisco Umbrella Rank: 518217 r4---sn-4g5edn6y.c.2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	727 KB
25	aj1559.online aj1559.online — Cisco Umbrella Rank: 63089	64 KB
21	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 9066 c.mgid.com — Cisco Umbrella Rank: 7275 cdn.mgid.com — Cisco Umbrella Rank: 11503 servicer.mgid.com — Cisco Umbrella Rank: 9134 s-img.mgid.com — Cisco Umbrella Rank: 9069 cm.mgid.com — Cisco Umbrella Rank: 1303	322 KB
16	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 csm.eu.criteo.net — Cisco Umbrella Rank: 9625	25 KB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	407 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	102 KB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 mts0.google.com — Cisco Umbrella Rank: 4606	3 KB
8	teads.tv 3 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	2 KB
8	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	509 KB
6	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	3 KB
6	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9522 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971 dis.criteo.com	117 KB
6	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189 www.google-analytics.com — Cisco Umbrella Rank: 27	22 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
3	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 749	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
3	zmedia.vn server.zmedia.vn — Cisco Umbrella Rank: 72517	38 KB
3	kenh14cdn.com kenh14cdn.com — Cisco Umbrella Rank: 74834	601 KB
2	openx.net us-u.openx.net	400 B
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 714	830 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	291 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	297 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	34 KB
1	simpli.fi 1 redirects um.simpli.fi	715 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	712 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 6100	668 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	598 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1771	296 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1226	204 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 711	98 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	589 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	274 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 544	63 KB
1	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 11711	593 KB
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2168	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	78 KB
407	43

	Domain	Requested by
65	pagead2.googlesyndication.com	aj1559.online pagead2.googlesyndication.com googleads.g.doubleclick.net newsmoi24h.com tpc.googlesyndication.com www.googletagservices.com server.zmedia.vn s0.2mdn.net
55	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com newsmoi24h.com s0.2mdn.net
31	newsmoi24h.com	newsmoi24h.com
28	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
27	cm.g.doubleclick.net	11 redirects googleads.g.doubleclick.net newsmoi24h.com
25	aj1559.online	newsmoi24h.com aj1559.online
18	s0.2mdn.net	newsmoi24h.com s0.2mdn.net googleads.g.doubleclick.net
14	static.criteo.net	ads.eu.criteo.com
14	fonts.gstatic.com	fonts.googleapis.com
14	s-img.mgid.com	newsmoi24h.com
11	csi.gstatic.com	imasdk.googleapis.com
8	sync.teads.tv	3 redirects googleads.g.doubleclick.net
8	www.googleadservices.com	newsmoi24h.com
8	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
8	www.googletagservices.com	googleads.g.doubleclick.net
6	dt.adsafeprotected.com	googleads.g.doubleclick.net newsmoi24h.com
6	imasdk.googleapis.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
5	www.google-analytics.com	server.zmedia.vn www.google-analytics.com newsmoi24h.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	r1---sn-4g5lzney.c.2mdn.net	googleads.g.doubleclick.net newsmoi24h.com
3	r.turn.com	googleads.g.doubleclick.net
3	ad.turn.com	3 redirects
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	gcdn.2mdn.net	3 redirects
3	server.zmedia.vn	aj1559.online
3	kenh14cdn.com	newsmoi24h.com
2	us-u.openx.net	googleads.g.doubleclick.net
2	ad.doubleclick.net	newsmoi24h.com
2	dis.criteo.com	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	newsmoi24h.com
2	onetag-sys.com	2 redirects
2	x.bidswitch.net	googleads.g.doubleclick.net
2	match.adsrvr.org	googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	fw.adsafeprotected.com	1 redirects newsmoi24h.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	r4---sn-4g5edn6y.c.2mdn.net	newsmoi24h.com
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	cdn.mgid.com	newsmoi24h.com
2	jsc.mgid.com	newsmoi24h.com jsc.mgid.com
1	um.simpli.fi	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	ius.ctnsnet.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	newsmoi24h.com
1	a.tribalfusion.com	1 redirects
1	mts0.google.com	googleads.g.doubleclick.net
1	id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	ads.pubmatic.com	jsc.mgid.com
1	cdn.id5-sync.com	jsc.mgid.com
1	cm.mgid.com	jsc.mgid.com
1	cl.imghosts.com	newsmoi24h.com
1	servicer.mgid.com	jsc.mgid.com
1	c.mgid.com	newsmoi24h.com
1	secure.gravatar.com	newsmoi24h.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	newsmoi24h.com
407	69

This site contains links to these domains. Also see Links.

Domain
wpenjoy.com

Subject Issuer	Validity	Valid
newsmoi24h.com E1	`2023-10-13` - `2024-01-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
aj1559.online R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
kenh14cdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-11` - `2024-09-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
cl.imghosts.com Cloudflare Inc ECC CA-3	`2023-10-03` - `2024-10-02`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
server.zmedia.vn R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-11-14` - `2024-01-23`	2 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh

This page contains 51 frames:

Primary Page: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Frame ID: 633D44E6FBB6E24B541130CCF1E44C83
Requests: 110 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html
Frame ID: 60D44255224BF014222DC868BEF0060B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=1573534164&lmt=1701721478&plaf=1%3A2%2C2%3A2&plat=1%3A128%2C2%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478217&bpp=3&bdt=1181&idt=234&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3125074850772&frm=20&pv=2&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=253
Frame ID: B908FD218EA9716A757C1FD7ACB2BF6E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=8412722389&adk=3910651328&adf=1651184481&pi=t.ma~as.8412722389&w=1200&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=1200x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478234&bpp=2&bdt=1197&idt=241&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=245
Frame ID: B68AE7259E83230DD6CB4CAAE63FD02D
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=6974737383&adk=1757034124&adf=830462564&pi=t.ma~as.6974737383&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478247&bpp=1&bdt=1211&idt=235&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=589&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=237
Frame ID: 91B828DECA7BBB47AE6AB9BAFA6DE8DA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7646435628&adk=2965064849&adf=417458676&pi=t.ma~as.7646435628&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478294&bpp=1&bdt=1258&idt=216&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=219
Frame ID: BAA95D6AB86CC72F0A40D158AC3AC359
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=4333914566&adk=1520105092&adf=1156386483&pi=t.ma~as.4333914566&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478301&bpp=1&bdt=1265&idt=216&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=218
Frame ID: C401C64F659AD69E7B0626EC28A47A7E
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=4348574046&adk=838291846&adf=1840397986&pi=t.ma~as.4348574046&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478306&bpp=1&bdt=1269&idt=220&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=223
Frame ID: 5A288ACF210177A5BD6A6ECB965416A3
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9E7D6708679DD684A48419CC08DFE468
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: F2410369FA5FA180540842EA2B86E377
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 1FAC775975E62AF862553B6D03BDB083
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 98CED24320717D13781B5C8D9E4E03A6
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW41hgAIphsA-QQdAAPixQjx66h5uVcPHgX0eg&u=%7Cz%2FL6JJIkj04gPET%2FDlrbXlxU%2Bc6nFxjcQ5oMZYA4R%2Fo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-fzz6EBs23DKk-NbUsJ7D0pz1Ps7zM-fdX-KJTQE_BG4--DO9KJwcww8CWHUCl_jFupINuZL_iPshvVsk6P0NfnAXbuVwFhan9xgiItMZW4TshLh06opTtkU3lioks0KzHYvmXF4G-tvdXN7ZgaftpAc_fiCdDBkg3EYrZuKoh3OHym-PNoQlJxVkPaqZLlCYIMww7ZOj5r_n1xzVhW8e8-vNZEnslaSxQ96D8uVMbpGstS3u2EzqruMQfBfcKsG69uZVsmC5g5vdcKkZT58Lox3miZa3mXq1e7Q08EwX3QYAvMl3cXchhGezbrfG_F4G8OY4ptSIlLbYGAZ-LvIljhBO_9hcgyGNpjka75GRetUZM0PDcJIeloH3rDKfT99GtRV-f4OT8UF7od7yvnxTrjAcWM2nD__-B3utesMEHt2LlfEKuDbz911T2IuMsGCEO2kY5CS5y_EgZaF-wZ4Re487nNtYqDaZopMsuVn0UCR2WbIa2RWGCN85H1qFBMIJpVVG3lYbWFnKm0Ge_7cDoLvckKfMCGw8zPjGMD2X6FHSGpmjhuSGU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpgZChjVuZZvMIp2I5LcPxcWP-AfJntKxXNX24taTAcCNtwEQASAAYJWqlIKgB4IBF2NhLXB1Yi0zNjE5MTMzMDMxNTA4MjY0yAEJqQJfaGHw1zSyPqgDAcgDAqoE0QJP0Nm1U2LQTPETCEGkeMGTF9NuUbukpWDOnNg7toa5Z7b2oUpGA_byt2E0uyYIFbTVd495-jfqZmE1we0OxowS3lxM0X4lkLjNA9_715WmBS6xrDdnIKkN6tTJpvZx-owz776g_CeoO4I2FsWkS3ZwB-CiYOlNnNERf6XhXQ2bUOW0shwxKN2GcwbJRzypAByiGGLDtHOJvICc0RewuZYXfKX-539F4tPZFiOaZNOiqzVYtebGJc8JgusB1c_Wic_Q9JytFeGC_jPmV1uPc-lWFca7jovd0Kq_VxBOQLm_wHOpYuuXIFxYws5zw8YCzxNLLu-LyjPmRbLc9NrUaGqapqot77FGg1rfla5Bb3vQkvgvDtjWgOw7BtHlMhJchR7w-2gDaOMUTN_Sgn40-GTG25Ms65tZwvZb-mLX4yRszobKK8GPA1EwhgWh2vmwlGkygAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYquPtwc72ggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Nj5zy003ks8D0W8Fe0w3P0jDo4g%26client%3Dca-pub-3619133031508264%26adurl%3D
Frame ID: C320DE9F2C8D6A502AA99E328D4C5F95
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW41hgAIphwA-QQdAAPixbMZGmcvN54VF0O8Kw&u=%7Cz%2FL6JJIkj06FX6yTLXhZZmDpFVaHviwGL1wysXiYFsI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-fzz6EBs23DKk-NbUsJ7D2V0s0iZmsUTG81aXFMpt3MP0RsDxSrnZF8K3eMOcVon4bHAW6Ocdrbj_ojAvIlcmen7OW1r7EqTknSoLU92Dtqoz691s4tluoFr6-qRmP2E8F1mjRegEMCxsqjMAHXwTSZASlUM6XDVXG4ou9VijDJZp45asCzZ0LVzOQBQgaBpg_N0GT5LaHDXJL5lwfp3cNInobQTylyGtPmJ3Ixe-JVcOAeppqXmXrwJEB3w449XgZkP1KfkTRGM0QewcW5wpJV4ujOcDkiFFf-G94nA8djSMdoO4Evgh2-BPdUkClzD3llUVp_8A7RmJlP8ZeQRFTeh0pYNMPuLf_WKv6Pg15cdmMgrNf0pennHe__VoF69PTRUmzXS9Q3SdUjB-nU3kPU8AEH0oujAMMEBt-zVKVzshIjYkbrtZs5JKVVX3GUJV7ViKOo_1XZth2n1NthqG8Ow9cwiBoh-dXorxj4nIwUoowwSW6bsQOY2HMjwhhDwsXenycI3Qc_YqG5Cz3JJjrMgPtjb2QNjeCPwwabCLgW&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX7PHhjVuZZzMIp2I5LcPxcWP-AfJntKxXNX24taTAcCNtwEQASAAYJWqlIKgB4IBF2NhLXB1Yi0zNjE5MTMzMDMxNTA4MjY0yAEJqQJfaGHw1zSyPqgDAcgDAqoE0QJP0Ep53Vqz4v7vRmu7GLYQds-iMh_MREQAjZqCMUpIj5Z3-GyC4BLpm8iVZogK-g1D-3l33ARk70qze47roJGVW-2CzkCEmfcWvj_pmTj6AFpZdZXr3fFW0uiWv566P9RSLSaF_YMZSnV2eDMLUM-amibJR4bGtdbS_KtGLZttMr2GGhkOtwXb-X-cTOLoGH_t74inpPpoGaznGPb79eHviNYxZZsDIvN8nZvNYga_SenOfJfHtTe2yN5YPhl4Zr9gxuvaEHhPmI8ejHcnSYjL39UZtxoMszzeW0W-rWkewca1J-syXMVhKWS7tmVo5ZxBX1CeW9caYDXgyJw2ptLUEohdDmTXBkaZ3cfbNGL_Qz_8M79o0gNm53TVv-HDxWaTDQWIcnAVM5bYvR74KsfoIu1wMwkDsizaFVSnk4NqfK8QhCwz-HyA4DHi46hnGgOlgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYquPtwc72ggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_23zEu6dr_dKs85ttzaU7_oB8UjOg%26client%3Dca-pub-3619133031508264%26adurl%3D
Frame ID: 88BC96A13D1E2F7233FCEC5A7A9616C3
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: DE3D12E6C32F06E1B6751BD1B656B486
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: A56EA4DD89477799F22B45D6AE1948A6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 1E318C45A4BCA0D86BCB63F74C4338C3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264
Frame ID: D42DB04DB4445D791937CF22D2BE9819
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=600&slotname=2968824013&adk=2865839403&adf=1828760783&pi=t.ma~as.2968824013&w=260&fwrn=4&fwrnh=100&lmt=1701721481&rafmt=1&format=260x600&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481791&bpp=2&bdt=4754&idt=2&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280%2C820x280%2C188x600%2C188x600&nras=3&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&psts=AOrYGsk8JUiJj_P0iqJLMVF-0y7C__ckmJ_cc3IOrB0_yu8LWrZ4cuZI2nBPBZtqqH9ATbkFhm4m5XFXmBZnze0m2zwApw%2CAOrYGsmlSL7I_E5jL59SyNgUKnej1nCFdNGMF0miH1BTV-V-VguVSASOjnBPvZQqPS2iyglkyjK7wtWwjvew6ohmc-7Ksqe7%2CAOrYGskq9Uo9f1KWxV-4snPG4CYXc54J4k5IrwESXrpeZZPhVYXJsQfXnyJLZpgp7mDkyR8NNdhR75Pg7GcI05NNRLoRShQa%2CAOrYGsmmYSxmq2YHQt7rZgkxgufgYoibLbyj_b-pGey1h4-2i5OhszeBHmKadaE66hN3xhL5JCZbV2rYdD5xPkJUY6SyNg%2CAOrYGskdaPK2_tYeKXYhSuhQwNu5VdFQaENZI-p1bMNtB7HD9kKRlAdNNwe6lhHmcqgQWAM2TSL1zbS0fN2Xqw69iEKDpA%2CAOrYGsmAu8Tp3-qm8VNEjmsHWXNuIG1FfLUAdbHKrERtEMXEbeEulbkl56YBs-6fH2gGtRGHECPAZBhjf4XTxZpybLcsjGaYJiuboh2mo9o%2CAOrYGsk-1AyJIDnwXIKls15FhOHNgEBC0ro3Nz8MYPLjmR7oK3AqVpy0Gbp79gDpFSlLymd5ytycHYTaS5iaJlPRhV2q5cCZBtVVhidCMc4&pvsid=28292592341068&tmod=1979323982&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=8
Frame ID: CA93C9A152DD56FD1E4F50E347796FCB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=2373185786&lmt=1701721481&plaf=1%3A2%2C2%3A2&plat=1%3A128%2C2%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481738&bpp=3&bdt=90&idt=169&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&nras=1&correlator=3125074850772&frm=23&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=804490982&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=100&ifk=4239599670&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079606%2C31079825%2C31079866%2C44795921%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3235045661876211&tmod=1022428475&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C100&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppfm1xx8h2iv&fsb=1&dtd=181
Frame ID: 0C585BD10167B523C0C58085EC6D1AC0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=100&slotname=6591594008&adk=3645781967&adf=3279755404&pi=t.ma~as.6591594008&w=400&lmt=1701721481&format=400x100&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481741&bpp=1&bdt=94&idt=185&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=804490982&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=1100&biw=1600&bih=1200&isw=1600&ish=100&ifk=4239599670&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079606%2C31079825%2C31079866%2C44795921%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3235045661876211&tmod=1022428475&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.juubdhgxlk5n&fsb=1&dtd=190
Frame ID: 35C9160FA60D013DDCF43A0F94F75F53
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0F5C44B0C86F14B575197823903BCCF0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AE6DDD2AE862C1EF724C6807B6A20922
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264
Frame ID: 79048C6B365CCC4FC7AC6982123852C1
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=480832095&lmt=1701721482&plaf=1%3A2%2C2%3A2&plat=1%3A128%2C2%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482186&bpp=7&bdt=86&idt=172&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&nras=1&correlator=3125074850772&frm=23&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=611249942&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079865%2C42532523%2C44807406%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1143667814548548&tmod=358804787&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.vosjmp9glhfk&fsb=1&dtd=182
Frame ID: 9FFFEDDBB6135C753620A7C8BD53CEAF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=800&slotname=9217757340&adk=205261170&adf=2751417942&pi=t.ma~as.9217757340&w=400&lmt=1701721482&format=400x800&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482193&bpp=1&bdt=93&idt=182&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=611249942&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=200&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079865%2C42532523%2C44807406%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1143667814548548&tmod=358804787&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.gmqjc4jewi00&fsb=1&dtd=186
Frame ID: ED8DD44FF149FC26A3DBEC5AA01F2607
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264
Frame ID: A9538B0A42D0AC1A077457621B63D9CE
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYpq39xAEwAQ&v=APEucNWfjJD1S5oCPm9PQQ54-tb4XF9H7kQF5Gd5LrKPNnwzXfyAcgarglJ5obk1oXL3v1unzaVVPQro3UUtT2ZffwYR14i0o91loX-Or_S9zLAZqPz5P2F5qXd149RNrAnJLR0SoS7IjtaE5-m0NYq0QHXtfrbJsLO3IJBCZ8gjSTDi3KdS7Rw
Frame ID: 367E08B22C0A757FE3A0806784077B40
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 7DAA7CBB43CD5285EE6C2352E2C1B207
Requests: 27 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1B83B6A47FEDECD6A8B0EC70D842FB06
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 11F3FFCEB99BBB44E2C096C2C70E7E64
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DD0E08454F711A04BFD509A9E5CFC98A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 65E880CCC5859F1B81C3682DFC48A8D4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=480832092&lmt=1701721482&plaf=1%3A2%2C2%3A2&plat=1%3A128%2C2%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482516&bpp=3&bdt=129&idt=226&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&nras=1&correlator=3125074850772&frm=23&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721483&ga_hid=194955514&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1522021407517613&tmod=1452404506&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7zi2imshy3r&fsb=1&dtd=240
Frame ID: 12B8F861B03127E827EDA66B6E6D4378
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=800&slotname=3268206910&adk=2539099357&adf=2751417943&pi=t.ma~as.3268206910&w=400&lmt=1701721482&format=400x800&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482519&bpp=1&bdt=132&idt=274&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721483&ga_hid=194955514&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=220&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1522021407517613&tmod=1452404506&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.yn8z1b2obv7o&fsb=1&dtd=277
Frame ID: 0EDFC0AAEC0980659BECA1624C87EEAD
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8464527532860307799/index.html?ev=01_250
Frame ID: D88FEDF5B5968006D78DB93B7C905EBF
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 22A1C7E489D09F81D59EDFA88AE5350E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 5FE4D740921275F4784293818D4D4561
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: FD2303CA8E07E5C32D866F78B44A082C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E00E9E3D5745F64FE8B4704A14C36A1F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4ADC5401EEEF008B5B3813FF80967573
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6540F9B9962997488ECCEA114A7D5761
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY07TV5gEwAQ&v=APEucNUUt86VlIlaYr48P-gene95HHWs78s8nOjCAyS3eXU_FoyWq5SreyvKAavuMGtzobQx_3buHlLfOdvQIhAUo4T07J9DmFFknZruqftXWDAZ2Ku4H2_jSc6DjJ1F7z4Py0u78sgF_ooxscSvGRadZYOZ6EbwkWElNTVL3FmaJ79ruWJBnIk
Frame ID: D209CE835BE3BE64DA6BECB21C78AC0C
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: 33EF74095ACBEE44F722D9D6F2E7C9C8
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 62572E91952ED1A20E3E60706D44DB07
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=pF7MLcftgw&t=1&renderingType=2&ev=01_250
Frame ID: 6830DB430629C278D269DE0EF6D92D2C
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DFBEFB38537314FECCE1B9F55A658CE9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: E97B3A983E450E793BA9770076C1D63F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D9F5972ED7F8642EA5C69C846B250CF6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 342E232A9C7BB70CF98DD134D18E9A02
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 94EC0283D3E27BAD6BA421395A745EC7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DJ Mie bất ngờ có hợp đồng béo bở hậu chia tay Hồng Thanh: Bị tung c.l.ip bịt mồm? - Newsmoi24h

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

407
Requests

91 %
HTTPS

52 %
IPv6

43
Domains

69
Subdomains

54
IPs

7
Countries

7120 kB
Transfer

17752 kB
Size

30
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wpenjoy.com/
Title: WordPress Theme

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 130

https://gcdn.2mdn.net/videoplayback/id/47d36780c3b4e159/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733257478/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/7366CF9487F9319212B323D494CE8E592BD86058.1EF46C0354FF738F7842C849982872DD6596BF41/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lzney.c.2mdn.net/videoplayback/id/47d36780c3b4e159/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733257478/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3D6E119C1242DFD03FD14DC61B4F3D5607EA3D8E.71B589A4984B2DD18B6B9C388CDDCA802DE48AFF/key/cms1/cms_redirect/yes/mh/q-/mip/2a01:4a0:5a::10/mm/42/mn/sn-4g5lzney/ms/onc/mt/1701720247/mv/u/mvi/1/pl/29/file/file.mp4

Request Chain 148

https://gcdn.2mdn.net/videoplayback/id/9ab2844aa052e94c/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3843214695/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/284000AAE415E8B0E231F5B0EDADCE75D0AE1C15.B6548A57232A60510CD4C00187974FB6F6CDBE64/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5edn6y.c.2mdn.net/videoplayback/id/9ab2844aa052e94c/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3843214695/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/294F956F91EB191FB47DF4E23B25EB5DF3ED597E.3485EE31A1A0410F564BE5C8E9E9717118ECD054/key/cms1/cms_redirect/yes/mh/RB/mip/2a01:4a0:5a::10/mm/42/mn/sn-4g5edn6y/ms/onc/mt/1701720247/mv/u/mvi/4/pl/29/file/file.mp4

Request Chain 150

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 168

https://gcdn.2mdn.net/videoplayback/id/47d36780c3b4e159/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733257479/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/8E96529B8A969690D05E210BFFF6C90EA42D0FE4.A2FBB5AF4180B78E2EF7182D316B923932C30BCE/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lzney.c.2mdn.net/videoplayback/id/47d36780c3b4e159/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733257479/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5013D3659A18632452144737C0F23A12FDB2512D.41C6096DEC2327EE2515F0CFC45989CB0490C417/key/cms1/cms_redirect/yes/mh/q-/mip/2a01:4a0:5a::10/mm/42/mn/sn-4g5lzney/ms/onc/mt/1701721301/mv/u/mvi/1/pl/29/file/file.mp4

Request Chain 178

https://googleads.g.doubleclick.net/pagead/adview?ai=CZeflhjVuZbyZI9OH5LcP4pyB8AXQuPm_dL6YrICiEO3xmav3FhABIM7OhmhglaqUgqAHoAGG19e9A8gBAqkCX2hh8Nc0sj6oAwHIA8kEqgTWAk_QRK-zrQk5RLM2JcOO8NH1_OsXEoD9U6fFBZpwKsG38njGxb2VNvtg8JP2Dr9khOur_qrO-P_lNKJU2jdyva3rQY1Jn1wszyqtDzjYNHNro6-FpJLQOP2G7HqfhTYt3JJxNJcA9sm07FThGhc3gz-FVNJFAMeUdhBPGM678YEXpzrSF-QwJrwRU9BoUNWYYMeRaE-s3acrwXnEOZBDRzij9n6A2ToOBTahPrQFpf_0JaDEkPn5Epwdor26oV77rnzcooADTh-kOe9Uim4GI8b2yvUOIBeOYI-SSrfDa8BEb7lpxRXsfDmEmrovaJN4CMX1_NlcvNUPit4AnIb6_IqYqE1aKqpq6SUgiZXW8pDrACXARJQeaokWke4_3hkmlvPrImJesF2I6zLmI4NMj4XhVQr6iNGVJ51t9kDH62d_3ESlFMywFVw4SC51BFiyhsUJJV2gG8AEtJer9ZAEiAWKl4GhRJIFBAgEGAGSBQQIBRgEoAYCgAfiqKhCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQmO0D0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljyve7BzvaCA5oJPGh0dHBzOi8vd3d3LmxpbGllbnRoYWwuYmVybGluL2wwMS0xMjEtYjAyM2VzP3ZvdWNoZXI9c3BlY2lhbIAKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtgTDdAVAYAXAbIXHAoaCAASFHB1Yi0zNjE5MTMzMDMxNTA4MjY0GAA&sigh=WdQMs73-XHU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNS_CXXDPL8TNw326WLQmgiHMY7rmEQgR9BcXqOQpe_Jw0wpXRFU9wayFB_erOwuyvZ_iejjzOqri6FhTpd720bePT0CaDTETGGXEYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214562808203723918186%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224549609263153658049%22}&andc=true

Request Chain 184

https://googleads.g.doubleclick.net/pagead/adview?ai=CPVOEhjVuZYqMI5TX5LcPpbaE0AT89Yu-dPfHyIH2EWQQASDOzoZoYJWqlIKgB6ABvIbNuijIAQmpAl9oYfDXNLI-qAMByAPLBKoE6gJP0O0lqQn3ppzGFKiqKHR0ux6sYN6lqmaWp3lv1RunwGC7Q2-Enu7ogsXu_tvavzdcibuoJOY5YDiivWMtTfYS4ieoYoz65dvQiOhzbxhFDU3jZgOvamf83AGc1La66ZTjdc6l9tcEjVvFkyY23nT7FbZ0wDqe9UUlS9TXwQ7q914-DIj14SK_WATeVuyi6xggy5jmIDM-V3NeEwgbmyZiz9qhi8m8EJH-0tNjYMLrm71Ji3whoS-Q91LfCJzNGNRku_hOw5uRjbpcpMUjwpzB7jUre0Wb9wnVobGsxp1tHTOXQuKm9do_Y3d6nYGI-GyqfNQCtOsclJr3pQZA2Hy4qtOrueERFaySxCwnvHR0zQlooyxyWTH1Uaof3auk9Ou3nFwLJfiQyzCzstWQCcsgxCI3k8Ppgsyp8EJzwMayBbj9MSacK4b9CnIHB1OQ52fKz2SWV60IxMtKuidzhKbsnHTqpXGC0r4vBsAE7q-Hn7EEiAWlxvS_TJIFBAgEGAGSBQQIBRgEoAYugAe8vp2aA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEMGsBdIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY9Zvuwc72ggOaCSdodHRwczovL3d3dy5icmF1dGJvdXRpcXVlLWthdGhhcmluYS5uZXSACgHICwGYDMbkhp-xBKIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxArgTgwTYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItMzYxOTEzMzAzMTUwODI2NBgA&sigh=ayzokCxxq98&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNTqp_yqCXN1yudxwBIvvhEV__xRxwY7oBwMS6xlosbpt47RCown8sfaLDVZ4JGu5_GGS2hvjAhrdRpN7uE-tmb6CsK30t8lUJDVIYAQ&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213010808810636327388%22,%22debug_reporting%22:true,%22destination%22:%22https://brautboutique-katharina.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210860315452%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22585455406938375537%22}&andc=true

Request Chain 257

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB2uwIF4pETlxH9Ly-BhOZw&google_cver=1

Request Chain 258

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW41iuYu5JAqJG5FdoOIBQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB2uwIF4pETlxH9Ly-BhOZw&google_cver=1

Request Chain 259

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOPcd2qQNLwEfiNT4yknSps&google_cver=1

Request Chain 260

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0NDQxMTMyMjQ0NzQ4NDIwNg%3D%3D

Request Chain 289

https://a.tribalfusion.com/i.match?p=b6&u=CAESECLC0ZlslqGPw5tdr0jX9Eo&google_cver=1&google_push=AXcoOmREmCxz2TPAL25ZkZE_xL106y0Rk3h8TpIbYc_e0hyuPDebmnZMaaqNI4YGcIkrovxvcR7abTYHluRsMXQ1OxizfY01DkFrHhBAPRkACjLpSBD2p5yf-KyiIenyx1rWjVMRisa3BovVHmNyjZ-PJDBC0xw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmREmCxz2TPAL25ZkZE_xL106y0Rk3h8TpIbYc_e0hyuPDebmnZMaaqNI4YGcIkrovxvcR7abTYHluRsMXQ1OxizfY01DkFrHhBAPRkACjLpSBD2p5yf-KyiIenyx1rWjVMRisa3BovVHmNyjZ-PJDBC0xw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECLC0ZlslqGPw5tdr0jX9Eo&google_cver=1&google_push=AXcoOmREmCxz2TPAL25ZkZE_xL106y0Rk3h8TpIbYc_e0hyuPDebmnZMaaqNI4YGcIkrovxvcR7abTYHluRsMXQ1OxizfY01DkFrHhBAPRkACjLpSBD2p5yf-KyiIenyx1rWjVMRisa3BovVHmNyjZ-PJDBC0xw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmREmCxz2TPAL25ZkZE_xL106y0Rk3h8TpIbYc_e0hyuPDebmnZMaaqNI4YGcIkrovxvcR7abTYHluRsMXQ1OxizfY01DkFrHhBAPRkACjLpSBD2p5yf-KyiIenyx1rWjVMRisa3BovVHmNyjZ-PJDBC0xw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 290

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGsFQPd-BlN22EQvdkSi830&google_cver=1&google_push=AXcoOmSOFCbbBxq1ukuWvLO0TK30yajw7qpaNBwF0bVNCAZaEpVTyWwxXYJeDAAhh1A2zHkG4EsFmNXBP5ixz8YIN7mFVkgQwMnRWlCLDtir3rgbe6Dh0PvBQ_xyuOX91GY7MVgaD4_XFLPMpzDUZKytmu6e2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGsFQPd-BlN22EQvdkSi830&google_push=AXcoOmSOFCbbBxq1ukuWvLO0TK30yajw7qpaNBwF0bVNCAZaEpVTyWwxXYJeDAAhh1A2zHkG4EsFmNXBP5ixz8YIN7mFVkgQwMnRWlCLDtir3rgbe6Dh0PvBQ_xyuOX91GY7MVgaD4_XFLPMpzDUZKytmu6e2A

Request Chain 293

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL9LAe_63D_Gr-O9bPSQns8&google_cver=1&google_push=AXcoOmTl7EVdTZN1FRSgaOvBcTheOn0v5w_9c6uYapSpqzbPDL4cyfeD5AHZPrARXO7T1b09tLLFRUOVwZNBARTaCRY2rM9KWT8do5eqonfdNNW8CEPdGgK-CLIkchAoXuC9g_im1KlmjFG1LVF-YEF_wfQJgWM HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEL9LAe_63D_Gr-O9bPSQns8&google_cver=1&google_push=AXcoOmTl7EVdTZN1FRSgaOvBcTheOn0v5w_9c6uYapSpqzbPDL4cyfeD5AHZPrARXO7T1b09tLLFRUOVwZNBARTaCRY2rM9KWT8do5eqonfdNNW8CEPdGgK-CLIkchAoXuC9g_im1KlmjFG1LVF-YEF_wfQJgWM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA3ODA3OTIxODM2ODUxODk4NA&google_push=AXcoOmTl7EVdTZN1FRSgaOvBcTheOn0v5w_9c6uYapSpqzbPDL4cyfeD5AHZPrARXO7T1b09tLLFRUOVwZNBARTaCRY2rM9KWT8do5eqonfdNNW8CEPdGgK-CLIkchAoXuC9g_im1KlmjFG1LVF-YEF_wfQJgWM

Request Chain 301

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1&google_push=AXcoOmRuqZsNERmeXrtdm_dqktLT7pCQTlYSrpBTJ9ZUe78goSJ3Sv_4ia1ebYjhs8FgB3YxF58nOTi3qUSvOCYpMpClf14lASuFOyqZiTwKyCBEcE2zzngLAODIyDcwxx69MY6L_VXAqjBSXgB1yJJyw11ms4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMyMDE4NDkyNDE5NDA3Njk4Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1

Request Chain 303

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAX6MMy7QeS-XsW3u21O-X8&google_cver=1&google_push=AXcoOmTPfCEHhaDyghoAvL3WlwElxHg6c7oba-lxCieMJust1AnNHwj5vjataHQhH63pRG01DQcPeR2ocK7eOVjjbL9ZNtZ_yMEj-DbLqzPzwChqtyvQhZ4EJGivQxVlu85WosPhpRFhXcRbfkFDp0C58NjXtQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=iGu0j6R4QvsRt3PQgqCQbQ&google_push=AXcoOmTPfCEHhaDyghoAvL3WlwElxHg6c7oba-lxCieMJust1AnNHwj5vjataHQhH63pRG01DQcPeR2ocK7eOVjjbL9ZNtZ_yMEj-DbLqzPzwChqtyvQhZ4EJGivQxVlu85WosPhpRFhXcRbfkFDp0C58NjXtQ

Request Chain 305

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHqeDKsC6mU6JxfSJB2jrAY&google_cver=1&google_push=AXcoOmSyV38rwO_ZS4eSCfgl-vmVtC6CgVXcZONMo2g_uhZFAhzVFbu-rs9dJCkADQZnYWX12xrMULl9gQZYufOgkpWaQwCCesoTThCRe6ORRNigHETCCfPSJk8anayts3EWrf2QWEmOG7HQrnoEqMZ0gyijxkw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSyV38rwO_ZS4eSCfgl-vmVtC6CgVXcZONMo2g_uhZFAhzVFbu-rs9dJCkADQZnYWX12xrMULl9gQZYufOgkpWaQwCCesoTThCRe6ORRNigHETCCfPSJk8anayts3EWrf2QWEmOG7HQrnoEqMZ0gyijxkw

Request Chain 306

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEB-l0q3qCvGd0EbNfkdLyUw&google_cver=1&google_push=AXcoOmS6f9Vc9rNMb9sWIswRLkzswMnGkk-M_bjkJve_DzGBAuqYe8kFYQxhOoCZsUwbQ8sJQUm_ipH3IB4e-eHt6OpY_K0lrU5TsYujtJ5ktntqzk3OJYx0347VX8RR7-UyQkTGAFjxbNChXt6dcrQ-wfHf48DD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmS6f9Vc9rNMb9sWIswRLkzswMnGkk-M_bjkJve_DzGBAuqYe8kFYQxhOoCZsUwbQ8sJQUm_ipH3IB4e-eHt6OpY_K0lrU5TsYujtJ5ktntqzk3OJYx0347VX8RR7-UyQkTGAFjxbNChXt6dcrQ-wfHf48DD&google_hm=mvwMbPbLSDO0grAum177cMo

Request Chain 307

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEG5ezbXgdRjaiRayDwdOMvk&google_cver=1&google_push=AXcoOmSEOjX7qHWVLLbIqrKNeSd1D_PGjonKGJarYyJTI2EzT6OIYTMcsZqwq2rgE05VhQhwDGzu1L12o8smfi5SyOCaOk1LdKMWo5cE_OI2pkuOq4jlJivO7ESZvIuzt0GJX45pmbuNdh07dHEmfmKPNYXqSno HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSEOjX7qHWVLLbIqrKNeSd1D_PGjonKGJarYyJTI2EzT6OIYTMcsZqwq2rgE05VhQhwDGzu1L12o8smfi5SyOCaOk1LdKMWo5cE_OI2pkuOq4jlJivO7ESZvIuzt0GJX45pmbuNdh07dHEmfmKPNYXqSno HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 313

https://googleads.g.doubleclick.net/pagead/adview?ai=CQItXijVuZZe2AaXZ5LcP8eS4gA7z5beYdJi9-tCiEt3QveDkCRABIM7OhmhglaqUgqAHoAGkn5DXA8gBCakCX2hh8Nc0sj6oAwHIA8sEqgThAk_Q29MqDbce46pBQ-FR5WKHw27N1RLEcd5xjtwSXCpDfPaJ5Zj2I2O4tysEK7qENJsvn2Rt0AzMMJbhzxq1mP9mPbDwMiqM914jCuKNzt7yFl2f_8IFAnJQRKdupG2SHJjiayeYPR3JUaj91JSoLHQM-xeEix6R0Y_L6GeB8ivuFU8WtyZy9q2pvzOJ4D2obhZYsgWKzDT26PYmvuOTPb1GDaQCM6j2grdoqB3bN75Ogg0eEB0fnSk40eIby9Yo8a6g5tqOgkEOZv-mJwC7Ml6VcyG67BliWv7FHdacO0PONu384LJtm5GA4keM0SKbw0sHHjbRbCJFE_06Y2LOWV4FRguHQScVjukrwkdcJrq7jsE8JCQkR05yFThM3WlQ5MZ8kAt8Zf7CvcqqbqRzOanMvabe00d_Ezit2LMxfm9OSb6587uCB96Z-K215G0EKs-zWcnf5Kvb-ueZP9k3jEPqwAS2mbbmzwSIBZHP95NNkgUECAQYAZIFBAgFGASgBi6AB8Tg7yioB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBD66QnSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WKTrwMPO9oIDmgmPAWh0dHBzOi8vd3d3LnZpY2h5LmRlL2FsbGUtcHJvZHVrdGUvaGF1dHBmbGVnZS90YWdlc2NyZW1lcy93ZWNoc2VsamFocmUvbmVvdmFkaW9sLXN0cmFmZmVuZGUtYW50aS1waWdtZW50ZmxlY2tlbi10YWdlc3BmbGVnZS1sc2Y1MD9nY2xzcmM9YXcuZHMmgAoByAsBmAzIxr3AygSiDBQqEgoQ5LSxAu61sQK1uLECu7uxArgTgwTYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItMzYxOTEzMzAzMTUwODI2NBgA&sigh=nb-iUyWAqss&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNErTXp58ZYp_io-XtohCGj0abb2fwPviE5-Bvyaq0EvO91fZbwnVycUTrIlUuwNLUhJ_a83wyGAE&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210741784694547097349%22,%22debug_reporting%22:true,%22destination%22:%22https://vichy.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988024740%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223470767636483419809%22}&andc=true

Request Chain 316

https://fw.adsafeprotected.com/rfw/st/987057/61527764/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-3619133031508264&ias_chanId=1&ias_placementId=20343401207&bidurl=https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hV1RASkY790cTiFW61HNAx&adContainerId=brand_safety_ijVuZemyJJSyx_APkdGpsAc&cbFunctionName=goog_wrapCb_ijVuZemyJJSyx_APkdGpsAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fnewsmoi24h.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fnewsmoi24h.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3619133031508264%26output%3Dhtml%26h%3D600%26slotname%3D2968824013%26adk%3D2865839403%26adf%3D1828760783%26pi%3Dt.ma~as.2968824013%26w%3D260%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701721481%26rafmt%3D1%26format%3D260x600%26url%3Dhttps%253A%252F%252Fnewsmoi24h.com%252Ftrabtv%252Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%252F4346%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701721481791%26bpp%3D2%26bdt%3D4754%26idt%3D2%26shv%3Dr20231130%26mjsv%3Dm202311280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D63add8d246e9183a%253AT%253D1701721478%253ART%253D1701721478%253AS%253DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw%26gpic%3DUID%253D00000ce2fc1480a5%253AT%253D1701721478%253ART%253D1701721478%253AS%253DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng%26prev_fmts%3D0x0%252C1200x280%252C820x280%252C820x280%252C820x280%252C820x280%252C188x600%252C188x600%26nras%3D3%26correlator%3D3125074850772%26frm%3D20%26pv%3D1%26ga_vid%3D354379157.1701721477%26ga_sid%3D1701721478%26ga_hid%3D484071371%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1110%26ady%3D535%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079759%252C31079826%252C44807753%252C44807763%252C44808148%252C44808285%252C44809071%252C21065724%26oid%3D2%26psts%3DAOrYGsk8JUiJj_P0iqJLMVF-0y7C__ckmJ_cc3IOrB0_yu8LWrZ4cuZI2nBPBZtqqH9ATbkFhm4m5XFXmBZnze0m2zwApw%252CAOrYGsmlSL7I_E5jL59SyNgUKnej1nCFdNGMF0miH1BTV-V-VguVSASOjnBPvZQqPS2iyglkyjK7wtWwjvew6ohmc-7Ksqe7%252CAOrYGskq9Uo9f1KWxV-4snPG4CYXc54J4k5IrwESXrpeZZPhVYXJsQfXnyJLZpgp7mDkyR8NNdhR75Pg7GcI05NNRLoRShQa%252CAOrYGsmmYSxmq2YHQt7rZgkxgufgYoibLbyj_b-pGey1h4-2i5OhszeBHmKadaE66hN3xhL5JCZbV2rYdD5xPkJUY6SyNg%252CAOrYGskdaPK2_tYeKXYhSuhQwNu5VdFQaENZI-p1bMNtB7HD9kKRlAdNNwe6lhHmcqgQWAM2TSL1zbS0fN2Xqw69iEKDpA%252CAOrYGsmAu8Tp3-qm8VNEjmsHWXNuIG1FfLUAdbHKrERtEMXEbeEulbkl56YBs-6fH2gGtRGHECPAZBhjf4XTxZpybLcsjGaYJiuboh2mo9o%252CAOrYGsk-1AyJIDnwXIKls15FhOHNgEBC0ro3Nz8MYPLjmR7oK3AqVpy0Gbp79gDpFSlLymd5ytycHYTaS5iaJlPRhV2q5cCZBtVVhidCMc4%26pvsid%3D28292592341068%26tmod%3D1979323982%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D10%26uci%3Da!a%26fsb%3D1%26dtd%3D8&adsafe_type=bed&adsafe_jsinfo=,id:b3518ec6-22ce-28b2-289e-cb60e8df08c1,c:vRIyzb,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6d84f486b7-gvsxz,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tXvjV1v+11%7C12%7C131%7C141%7C142%7C15%7C161%7C171%7C181%7C191%7C1a1%7C1a21%7C1a22%7C1a3%7C1b1*.987057-61527764%7C1b11%7C1b12%7C1b13%7C1b14%7C1c1%7C1c2%7C1c31%7C1c4%7C1d1%7C1d2,idMap:1b1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:36,oid:285c6841-92e3-11ee-8600-aad240462c2d,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ijVuZemyJJSyx_APkdGpsAc&cbFunctionName=goog_wrapCb_ijVuZemyJJSyx_APkdGpsAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js

Request Chain 370

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1&google_push=AXcoOmSZtsBEXEOUaxsD4WaGlTDvLo86EFJQ9Ph35p19UFR08oEbeGSAYm2zrO3p5utnmoP7mTsnc4QtTSQERQ6IvYPMiJ7ah16ilg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMyMDE4NDkyNDE5NDA3Njk4Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1

Request Chain 371

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI6aAb8ZIwTeDMkTPbtk6to&google_cver=1&google_push=AXcoOmTKRSR3kNwvnJD_hz-icZD52w24zf30xKPQ6h19iyWMjrSKoyitg6KF4Pqx0gix14qU_8SnDd4Ig35RZLjop2P7mCPOvZgQjA HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTKRSR3kNwvnJD_hz-icZD52w24zf30xKPQ6h19iyWMjrSKoyitg6KF4Pqx0gix14qU_8SnDd4Ig35RZLjop2P7mCPOvZgQjA&google_hm=OMdCx9Xxbxk0EZlt_G41Ug

Request Chain 373

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTwp1mq__-8LyfT8DzBhW42xSJMOLc_ZRlcN5f0YC4l47WXnn9F2dKyoDjPEnI8cRz7FPXiI9D5ZrXQCgKD2xPW4Buv4ylWOw&google_gid=CAESEBe00jMIGRy5VLNoD2owBTM&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTwp1mq__-8LyfT8DzBhW42xSJMOLc_ZRlcN5f0YC4l47WXnn9F2dKyoDjPEnI8cRz7FPXiI9D5ZrXQCgKD2xPW4Buv4ylWOw&google_gid=CAESEBe00jMIGRy5VLNoD2owBTM&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMDQyMDI0NDQwMDAyMTA4MjEwMTYzOQ%3D%3D&google_push=AXcoOmTwp1mq__-8LyfT8DzBhW42xSJMOLc_ZRlcN5f0YC4l47WXnn9F2dKyoDjPEnI8cRz7FPXiI9D5ZrXQCgKD2xPW4Buv4ylWOw

Request Chain 374

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBD6C377ngaMYi3uf9pBuRI&google_cver=1&google_push=AXcoOmQw2vyHVS8C4UhisUJ9xrMfeP3EUOoryBuIuaySEHGT3ziF_7I5Dh0pUN7cJkae-ChbZPM-EVs-QIRYxnmSs9KlJyug7_zS4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQw2vyHVS8C4UhisUJ9xrMfeP3EUOoryBuIuaySEHGT3ziF_7I5Dh0pUN7cJkae-ChbZPM-EVs-QIRYxnmSs9KlJyug7_zS4Q&google_hm=eS1RY2Jwd0taRTJwRjZBM2Y2Nkc3cy5qbzNUbnZuMmFiVX5B

Request Chain 376

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEG5ezbXgdRjaiRayDwdOMvk&google_cver=1&google_push=AXcoOmQHs07RDb3Wv1OJYKHR-F4qAnYl1jOxnpUXHdoUZ0yVrL2wliSN9wHG53IPqepLTzWjzDw-xtOGf9K7RV-c_AxpFJLYlJnGGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQHs07RDb3Wv1OJYKHR-F4qAnYl1jOxnpUXHdoUZ0yVrL2wliSN9wHG53IPqepLTzWjzDw-xtOGf9K7RV-c_AxpFJLYlJnGGQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 383

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECaAVf9xILnZq3M_TJQIboA&google_cver=1

Request Chain 385

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEKqi-Y4VcIKdASKqwSmMw6E&google_cver=1

Request Chain 388

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1&google_push=AXcoOmSU4_46SHLmfDu1mIratgX9xMKggC6ubHDqfyhePd_06-Q9OH4T9UBck_7rzrgSt0BmIMX80XVmm-8WTFbkTBMdIeI3kiPLXg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMyMDE4NDkyNDE5NDA3Njk4Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1

Request Chain 389

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI6aAb8ZIwTeDMkTPbtk6to&google_cver=1&google_push=AXcoOmTFCR3_pFbKfIPySd69lT1gLY4Yeu-5nJJri_QIOFv8LA7oxrid5h32t3BEiyK_mHnT-5LBdJ0WOiZR15s0L6aZtLE_gKiL HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTFCR3_pFbKfIPySd69lT1gLY4Yeu-5nJJri_QIOFv8LA7oxrid5h32t3BEiyK_mHnT-5LBdJ0WOiZR15s0L6aZtLE_gKiL&google_hm=OMdCx9Xxbxk0EZlt_G41Ug

Request Chain 390

https://um.simpli.fi/gp_match?google_gid=CAESEMkEFp9JQLcGSe6gwA2aAow&google_cver=1&google_push=AXcoOmRZWDgQVbTRnwfgB7ONorIJwNXz0fnIIafuO5wEqyPnbLrnDoeMZgPkkLm1YiRJwZ4CQBfqOmYr4tSEe--vGXFrPmeby3rJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E472F6FCE72340EAAF5D865571F5E246&google_push=AXcoOmRZWDgQVbTRnwfgB7ONorIJwNXz0fnIIafuO5wEqyPnbLrnDoeMZgPkkLm1YiRJwZ4CQBfqOmYr4tSEe--vGXFrPmeby3rJ

Request Chain 393

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHqeDKsC6mU6JxfSJB2jrAY&google_cver=1&google_push=AXcoOmQnkX7DCaq2OdpP2SPbeyvHv21xfgMEkimG_4AgNK1EB-ctu2KmXtW9Eteuplwv1lkyoHSlggw7VJx9sO0g4QWpsrAS23BzEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQnkX7DCaq2OdpP2SPbeyvHv21xfgMEkimG_4AgNK1EB-ctu2KmXtW9Eteuplwv1lkyoHSlggw7VJx9sO0g4QWpsrAS23BzEg

Request Chain 394

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEG5ezbXgdRjaiRayDwdOMvk&google_cver=1&google_push=AXcoOmTUWc_5O60n-qDjn5uB6moa2GTTD2lFpx3ikb23ywJIrAhSRbLi8h3TU8MOOqonL7oFjxWoQMCfd474ji3L9joQcaNBdNJ-_g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTUWc_5O60n-qDjn5uB6moa2GTTD2lFpx3ikb23ywJIrAhSRbLi8h3TU8MOOqonL7oFjxWoQMCfd474ji3L9joQcaNBdNJ-_g HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 397

https://googleads.g.doubleclick.net/pagead/adview?ai=Csf0CijVuZbKsIYOwgQPAt5L4C4G8idB02tSH4pISzoj_gNQCEAEgzs6GaGCVqpSCoAegAejR1M4DyAEJqQJfaGHw1zSyPqgDAcgDywSqBN8CT9CZmSmkJz37OvxSS8cYwCSMuiyZWTQLYLd_28RvgQeyH1728RHfvlDbAt9J5OALLTclbKC1KEpPZSU8s5rjuZomLdDlpHLFpfOw68nPPxGVvRUgR0YqLw-UqBlyoBzsDh7mskPorH1ufEBtLzNcVFvKtJdAR7NpRV3mWQx7Xlmmdwgq7u5stKOnoIhjN9nkPkZ9hc6BUD4RUJpux51gt54xlHPKsULCJz5865znRgYXFTGrd3ibdjZvc_CZYwPDJyM9V4y1jJOv_v0s7Sf5CRbvNlEEqOk03fUlPsJRPU5tzLWOYCLLtbx8LVThrPSr7DzxPxohoIvQ_LZaXW7ecgnbPicD7LmGyrmWJLlU7YkxwVKvMhpdzeSmPOzT6ILJekNxoTtgkPoWyM88HgK9TuQxgFhZJPqpFXX2_T7_K2hGlR8un5jsDyR8Gas-Al8eUavaCWyDTGxApUjuhRbZwATd37LnlgSIBdjE6OFGkgUECAQYAZIFBAgFGASgBi6AB4CuqzGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBRCs2c8B0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj0ntzDzvaCA5oJIGh0dHBzOi8vbHAuZWxpdGhhaXIuZGUvYWRzLXByZWlzgAoByAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxArgT5APYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItMzYxOTEzMzAzMTUwODI2NBgA&sigh=HollqMZTne4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNt7yIZPQcOzh4n5hlrvOkLN60qgLtmD4mEFc9PRA98IzAePhSl0MBXMJj57e7lvypY3s-RzXBGAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210702709974352125235%22,%22debug_reporting%22:true,%22destination%22:%22https://elithair.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22970270952%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217489943315705022865%22}&andc=true

407 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/ 65 KB
17 KB 686ms
614ms Document
text/html 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 64475ae388b869e2b3bd1398e964290e9383a60273f821e6d269b8ff3142df59

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8306c61b9b874d3d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 20:24:37 GMT
link: <https://newsmoi24h.com/wp-json/>; rel="https://api.w.org/" <https://newsmoi24h.com/wp-json/wp/v2/posts/4346>; rel="alternate"; type="application/json" <https://newsmoi24h.com/?p=4346>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYrqzAepOY1Dcgq9vTw4fJMC5yEb3SLSSnqm6gYs%2Fi61KEYeBavQvnJvZKPdaw5TmLlMSw8ngfmMwMhgbTAtghtmJFa0jRpt%2FFBiWHU%2F4iAhXmpiajfgI9hi1q8jE3Cu78RtQalSYEun%2FyX%2Fjg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit
x-pingback: https://newsmoi24h.com/xmlrpc.php
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.min.css
newsmoi24h.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 23ms
20ms Stylesheet
text/css 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 20:55:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 531950
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGaDPvM%2Fe8DBqDz0CJVm5%2BksHA5ipX3CCWX4JNmlEKqJv00RHA%2BIb8%2F0exX9v%2FCVJvcyiavt8BgcLWW0Nk8U%2BnWq10VcZZVe1QTnvbaSnM3ICE3wBY7NKHByIFLFnh%2B8lX%2FV9cpRpdAI9gspMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c61f88434d3d-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 16:38:46 GMT

GET
H2 200 theme.css
newsmoi24h.com/wp-content/plugins/popup-builder/public/css/ 70 KB
11 KB 21ms
18ms Stylesheet
text/css 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-content/plugins/popup-builder/public/css/theme.css?ver=4.1.14
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96344c48276b6477946734dfa6f60c187fa33d371c0f4bc2156edc0e2868617c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 02:50:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 310092
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ay5eFJVmX15kiVieuj1jxhlgKRvTSiremS41aAut%2FgiWuN384X9Lb%2BQCpB5mUPDssbNzjfwPymSD0SqoHuOeimmJM5mHYvGFOjstBfG6wHSCswW5zvAdOcixA5z3%2F%2Bw8zMaKwMTk00jf2o3Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c61f88464d3d-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 06:16:24 GMT

GET
H2 200 font-awesome.css
newsmoi24h.com/wp-content/themes/blogsite/assets/css/ 35 KB
7 KB 27ms
24ms Stylesheet
text/css 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-content/themes/blogsite/assets/css/font-awesome.css?ver=6.4.1
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2a387f6a7cdac265c90c59daa4f30eeb1d183b8bcce4858384ab51d33c94533

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 10:05:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 531950
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ucpmaqe8pZFQDQd%2F2SLk438M23N6taIERqM9AYbp4Vy38eUUDEBxk5g3IwJCdaHBUqhId9cypxbT8VxJbdpIYguWTRo9UikwFTU3aDopoWfql2zAD3cVskIQZfldV2zFdijsxedrB0eQ9%2BOkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c61f884c4d3d-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 16:38:46 GMT

GET
H2 200 genericons.css
newsmoi24h.com/wp-content/themes/blogsite/genericons/ 154 B
479 B 20ms
18ms Stylesheet
text/css 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-content/themes/blogsite/genericons/genericons.css?ver=6.4.1
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 10:05:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 531950
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtWQ3FCSVhimDS65%2FCxQtuaVB8F2c3fSWq0rjgwQFWiiQwm7MZRnDEw%2BlmWdds45Q3M5s6g%2BF%2F2F6Gxf6tyNhnQwBm2WDBdd9NsvU0kMuiKZTq5rj1mVh2w88OFLobbpsmF0PJIhvAQ0pgyfng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c61f88504d3d-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 16:38:46 GMT

GET
H2 200 style.css
newsmoi24h.com/wp-content/themes/blogsite/ 70 KB
14 KB 34ms
31ms Stylesheet
text/css 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-content/themes/blogsite/style.css?ver=20230701
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47aa507aa520ddf600e955596eb5b75a117eba68760dc9b10c5cbdebff98a9f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 10:05:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 531950
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8Ia9UAugYBGwlbuULH8uKPwFJ%2FnZm7%2F34S9kwmw1HArzc514na8zthdUxCn05etqHiS1X%2BYrJsSmsAqyohUFBmTOD%2FSzxCuGKNbMZfb3cSRlXxcldE%2BWtU7Kz3eebTNKm%2Bqwbz8rAiDWBE1Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c61f88534d3d-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 16:38:46 GMT

GET
H2 200 responsive.css
newsmoi24h.com/wp-content/themes/blogsite/ 9 KB
2 KB 21ms
19ms Stylesheet
text/css 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-content/themes/blogsite/responsive.css?ver=20230701
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7b66acb0c96567acc8707b2473c308c2cb90430df021e86b9c6161e60e3e752

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 10:05:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 531950
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKhham3R5XlTW1hl9FB3uDeFFOL4ErkauehuP1wO7CBK2qqiY8IuzYaZGwTIT34ro25B7%2Fw31GU38d02meNeqygrwRzqwuWM%2B%2F1LP65ej2QASO5bUEGImYHuCPIcBZgn%2Fqw5IODuQvSjonE36w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c61f88544d3d-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 16:38:46 GMT

GET
H2 200 jquery.min.js Show response
newsmoi24h.com/wp-includes/js/jquery/ 86 KB
31 KB 27ms
24ms Script
application/javascript 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 20:55:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 540068
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naVTMcZZ6IWJH3VnPetvZgfxkRUWvP5sYNInTTGamMD5larGs1Qu1obtMrhMJuzsRdfG0NpaJopHKBrh6XzsGVOEzukU4LAtvCH9Cu4ChCvofzhVJEyJ4dUHAm3Os93FuH0dqyv0a593G%2FYT7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c61f88564d3d-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 14:23:28 GMT

GET
H2 200 jquery-migrate.min.js Show response
newsmoi24h.com/wp-includes/js/jquery/ 13 KB
5 KB 32ms
30ms Script
application/javascript 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Aug 2023 20:55:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 469838
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5FxHCqCN5ocZlUdCSYOIKjqKwgy4HiipoHn6FSetP3B2WlHmC2CTboKrV%2BA1Yb%2F%2FRtOm5bUleikgXY3n5FAS70HbCik1DJVha54VHfXiGINpdPGafZ0jxjsOY53sS2RACoyejO0QqUsXh6NSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c61f88584d3d-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Dec 2023 09:53:58 GMT

GET
H2 200 Popup.js Show response
newsmoi24h.com/wp-content/plugins/popup-builder/public/js/ 38 KB
9 KB 24ms
22ms Script
application/javascript 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.1.14
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d59372b6612612e1f165c140beb8e541b9becfa771862e2d61376252a2ba91f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 02:50:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 29082
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXMEXdNouvKbxlVFEjY6CemquEThHvLebT75c9X2QKSyMWvyZa2Xh7%2FUuiz8F%2BeU%2FAeyPI51aM5aOq5LVnhnQ%2FemVildiA5fbpw6TZlwYFjgLQK%2F52txYQeJkC3UgIPS2C1%2FB5G2I8FPg92Csw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c61f88594d3d-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 11 Dec 2023 12:19:54 GMT

GET
H2 200 PopupConfig.js Show response
newsmoi24h.com/wp-content/plugins/popup-builder/public/js/ 6 KB
2 KB 25ms
23ms Script
application/javascript 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.1.14
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe8c79d67b21039a5d059ef40761950fb76e1d17933d61509f7eb3c68f5aeeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 02:50:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 502763
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lnio1X46T2rffQ6oAGoJEjecBUrp8gTaMiXtlJT2GnkZiUd1r%2BDzY35Dl2co%2F5TNIJPFmYTFXrwRdZoWkxPk6QsluuZjolwWxQTH6YcPrvG1MiXxSrTHmgJRt4UatIqWgR9%2BxgR9sjzB42S3pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c61f885a4d3d-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Dec 2023 00:45:13 GMT

GET
H2 200 PopupBuilder.js Show response
newsmoi24h.com/wp-content/plugins/popup-builder/public/js/ 77 KB
17 KB 28ms
26ms Script
application/javascript 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.1.14
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ae1b9f867c5a14924d3d6b09e57f7451a00917838dd127af0782a07551e3d58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 02:50:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 310091
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXmWQU27Z8EvJXQQf644%2FH0qSwvzod4plH2kDQQGdCpNlHyoWFFhfJLyJr23c%2BH4ffQyv7cM1DU%2BksbjhBdxYF1nmnAP8I3j1Lv7%2BWDEmtAHpCqElR2FiDswvzNiH27djHmK5ywDYjJXIDOiwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c61f885e4d3d-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 06:16:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 47ms
25ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X8L2YQZR47

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2894de5990f56d5861a7a1251ac4301bc23cab1a17744a934eca17179403d2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79474
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 20:24:37 GMT

GET
H/1.1 200 ba298f04.js Show response
aj1559.online/ 36 KB
36 KB 811ms
184ms Script
text/javascript 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/ba298f04.js
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: f532b1d4c30d3692c9d58690f83c1e9d2d17851ad0aecaccab8dbc8f00744440

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
accept-ranges: bytes
etag: "0e2cf53331521857872cbf642fd34234a"
content-length: 37125
content-type: text/javascript

GET
H2 200 photo-6-17005272989251898651952.png
kenh14cdn.com/thumb_w/620/203336854389633024/2023/11/21/ 566 KB
567 KB 1461ms
187ms Image
image/webp 42.112.37.34
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kenh14cdn.com/thumb_w/620/203336854389633024/2023/11/21/photo-6-17005272989251898651952.png

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

42.112.37.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

Software

VCCloud CDN / 563.3711964f302874f4fb39904eef1ae22d /

Resource Hash

bd13a5739ffb43246a920dfeaa52deffb797f5fc746e876a465b22bff98fdf9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 03:03:13 GMT
server: VCCloud CDN / 563.3711964f302874f4fb39904eef1ae22d
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 579872
x-xss-protection: 1; mode=block

GET
H2 200 photo-5-1700527298228698340645.jpg
kenh14cdn.com/thumb_w/620/203336854389633024/2023/11/21/ 14 KB
14 KB 1887ms
614ms Image
image/webp 42.112.37.34
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kenh14cdn.com/thumb_w/620/203336854389633024/2023/11/21/photo-5-1700527298228698340645.jpg

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

42.112.37.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

Software

VCCloud CDN / 563.5ffd0d6afeea8b5c3ef4f4c0501c487a /

Resource Hash

82940fb573ac2ac439d1c853b8d1eb511fa99ba15874876f2d3a7bd4d3a781b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 03:03:13 GMT
server: VCCloud CDN / 563.5ffd0d6afeea8b5c3ef4f4c0501c487a
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 14686
x-xss-protection: 1; mode=block

GET
H2 200 genericons.css
newsmoi24h.com/wp-content/themes/blogsite/genericons/genericons/ 28 KB
16 KB 17ms
17ms Stylesheet
text/css 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-content/themes/blogsite/genericons/genericons/genericons.css
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/wp-content/themes/blogsite/genericons/genericons.css?ver=6.4.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/wp-content/themes/blogsite/genericons/genericons.css?ver=6.4.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 10:05:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 540068
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrcZGoXioq8vFaWIfHkJKW1AEpsZxj0b4dP0cQsbYPhDt0rpSnzz8c%2FkbirtI%2BUKQbpse0640atgu3x1IV0dZJKg3BL7PtK3LjfM4rgT7mUk%2BDJYP%2F5pirPa444LRUD7SvtDUPpy97K9u0VgFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c61fa8884d3d-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 14:23:28 GMT

GET
BLOB 200
OK 28db4935-5704-4aca-8966-a59b2bf82cfd
https://newsmoi24h.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://newsmoi24h.com/28db4935-5704-4aca-8966-a59b2bf82cfd
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 arrow-right.png
newsmoi24h.com/wp-content/themes/blogsite/assets/img/ 396 B
916 B 59ms
59ms Image
image/png 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsmoi24h.com/wp-content/themes/blogsite/assets/img/arrow-right.png
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/wp-content/themes/blogsite/style.css?ver=20230701
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17911c30c68a58a54074106330311fd8d38c1db40d656373a00a8dd512090b1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/wp-content/themes/blogsite/style.css?ver=20230701
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 528707
alt-svc: h3=":443"; ma=86400
content-length: 396
last-modified: Tue, 21 Nov 2023 10:05:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvW%2BhHEXomxYCQM6C%2BTCQvT6x1l0au%2FwtbdHgCHaUs6kG9lb02ZYpxkFVUhLKAwntOJjKg%2BrooZEc%2FtYvD1ornSQMchvadE%2FQCjx9X6KiIOnHjrTWbGZgGFv8FROukk9SXDza6QNlb6RdU%2Feng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8306c61febfe663a-AMS
expires: Tue, 05 Dec 2023 17:32:49 GMT

GET
H3 200 genericons-regular-webfont.woff
newsmoi24h.com/wp-content/themes/blogsite/genericons/font/ 17 KB
17 KB 26ms
26ms Font
font/woff 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-content/themes/blogsite/genericons/font/genericons-regular-webfont.woff
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/wp-content/themes/blogsite/style.css?ver=20230701
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e1536ec01be2959f60ab02b0194f62521734031080914187efc25e482fefdc9

Request headers

Referer: https://newsmoi24h.com/wp-content/themes/blogsite/style.css?ver=20230701
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52381
alt-svc: h3=":443"; ma=86400
content-length: 17224
last-modified: Tue, 21 Nov 2023 10:05:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bY8Np%2BV05sQK1scAPnIDmDgXwCsto3PMzfsECBZrmf%2BImSigyXec89q42TUXLu%2BYrDG8qgaTLNMqpQbN1D8g0sPPgZuRxpN9MVIwspWNUZavj1Qz%2BzUas6xzYEJGwkYO0DPlycUVMSbDze42Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8306c61fec00663a-AMS
expires: Mon, 11 Dec 2023 05:51:36 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 36ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X8L2YQZR47&gtm=45je3bt0v9111000003&_p=1701721477095&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=354379157.1701721477&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1701721477&sct=1&seg=0&dl=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&dt=DJ%20Mie%20b%E1%BA%A5t%20ng%E1%BB%9D%20c%C3%B3%20h%E1%BB%A3p%20%C4%91%E1%BB%93ng%20b%C3%A9o%20b%E1%BB%9F%20h%E1%BA%ADu%20chia%20tay%20H%E1%BB%93ng%20Thanh%3A%20B%E1%BB%8B%20tung%20c.l.ip%20b%E1%BB%8Bt%20m%E1%BB%93m%3F%20-%20Newsmoi24h&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=840
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X8L2YQZR47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsmoi24h.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 photo-4-17005272975011144273511.jpg
kenh14cdn.com/thumb_w/620/203336854389633024/2023/11/21/ 19 KB
19 KB 1699ms
614ms Image
image/webp 42.112.37.34
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kenh14cdn.com/thumb_w/620/203336854389633024/2023/11/21/photo-4-17005272975011144273511.jpg

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

42.112.37.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

Software

VCCloud CDN / 563.9fd49bc88360059fabae634d2bf53cad /

Resource Hash

eb5f2fd2309d60d2a023434cc60816bc6e654149ef44685b8ce82e9ad99a0173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 03:02:58 GMT
server: VCCloud CDN / 563.9fd49bc88360059fabae634d2bf53cad
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 19694
x-xss-protection: 1; mode=block

GET
H3 200 Hong-Thanh-9-4824-1654763549.jpg
newsmoi24h.com/wp-content/uploads/2023/11/ 504 KB
504 KB 28ms
28ms Image
image/jpeg 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsmoi24h.com/wp-content/uploads/2023/11/Hong-Thanh-9-4824-1654763549.jpg
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f03dafbda98679417d95c38d95c01238a260f829bd93fba2c13deb981993646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35741
alt-svc: h3=":443"; ma=86400
content-length: 515878
last-modified: Tue, 21 Nov 2023 06:49:44 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kujQK1jpv50wmvaIiCkPqXGJQ984YRb3kBa8UB0%2FRe8PhAq%2BSkzoE7EEwYU0pUm%2B1DGLka%2BzYxk3FFX0H0PPWGBkeeY40WJFYFBh%2BF2uKx38VVhd9DWhcwXD8NIjBZC0rSYw29Vv5cogawQfqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8306c620bd35663a-AMS
expires: Mon, 11 Dec 2023 10:28:55 GMT

GET
H2 200 newsnhanh.com.1542856.js Show response
jsc.mgid.com/n/e/ 4 KB
2 KB 251ms
205ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/n/e/newsnhanh.com.1542856.js

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

303859fcfce282ad2305a11b91fface2302142475c8968b146731622a1428a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
x-amz-version-id: 85ySD2VZXK_PReTld1FD2bn_igAxqWDp
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: W4DSF8V5Z5P3RKH1
cf-polished: origSize=3763
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: NUtWWcbfXRRrbeY2Qrqo5tYt7XAJcFqFf69XY6gv4lfvs0jX4EZBYpAJzBco+3AcLN0lKuWHO2c=
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:28:26 GMT
server: cloudflare
etag: W/"e8443e4e48a9e96eea0ee49e8d75fdac"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 8306c620fc1f5b8a-VIE
expires: Mon, 04 Dec 2023 23:24:37 GMT

GET
H2 200 f88194102e6bbc23289bd70e35996a9c
secure.gravatar.com/avatar/ 2 KB
2 KB 26ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/f88194102e6bbc23289bd70e35996a9c?s=120&d=mm&r=g
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3171fc2cecfe1c3d875ae060c2a369801730efb9f46d8ec3073066504d27460d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 04 Dec 2023 20:24:37 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="f88194102e6bbc23289bd70e35996a9c.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/f88194102e6bbc23289bd70e35996a9c?s=120&d=mm&r=g>; rel="canonical"
content-length: 1717
alt-svc: h3=":443"; ma=86400
expires: Mon, 04 Dec 2023 20:29:37 GMT

GET
H3 200 tai-xuong-12-300x300.jpg
newsmoi24h.com/wp-content/uploads/2023/12/ 18 KB
19 KB 104ms
104ms Image
image/jpeg 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsmoi24h.com/wp-content/uploads/2023/12/tai-xuong-12-300x300.jpg
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bf0d2c69528a0cc348d3341cbfd51f7ea2ec2e50f21d5c51d3c2bd1e55b9019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13590
alt-svc: h3=":443"; ma=86400
content-length: 18606
last-modified: Mon, 04 Dec 2023 16:19:48 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2pwZX8TronAtC9QqYZ%2Bq2WaXqPKZzbm99YECh5Gk5d8hcZe7slgLgMeKWz3yD619du4%2BGfpY5cqBxbA%2BdIjQW1q%2BAFzVpd3ZJfitcKunysroVRMxUpVvc5qTqoHhgGOB37LbPpBBRdZf%2FODFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8306c620bd3c663a-AMS
expires: Mon, 11 Dec 2023 16:38:07 GMT

GET
H3 200 lzd-1.jpg
newsmoi24h.com/wp-content/uploads/2023/11/ 92 KB
92 KB 106ms
106ms Image
image/jpeg 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsmoi24h.com/wp-content/uploads/2023/11/lzd-1.jpg
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 140255b1b7ab74540c43f24ca70b71279af6f27922dcc04f75b408c29d659d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93448
alt-svc: h3=":443"; ma=86400
content-length: 93918
last-modified: Tue, 07 Nov 2023 01:57:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikE%2B807mc3rEA6%2Fgxt%2BJmtB0Kyu0zsYHVYs2IehCOoweu%2BlWdXSe5HWwet%2BtBKDa%2B5m7svvQCueNJAR6obIBZP6MNXRCkVtxZAFn1k1VLSo3aoTr3zCm3ZSZ1tBo8K9GfOnUAgmJj8AAn%2FlTxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8306c620bd3f663a-AMS
expires: Sun, 10 Dec 2023 18:27:09 GMT

GET
H3 200 superfish.js Show response
newsmoi24h.com/wp-content/themes/blogsite/assets/js/ 7 KB
3 KB 117ms
116ms Script
application/javascript 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-content/themes/blogsite/assets/js/superfish.js?ver=6.4.1
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 10:05:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 543224
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Zit4SEqmtjzTDnhBEvRt0br9VzqJ25u%2Fwa%2Bity18b35GYUz50S3yEWw2a%2BPyfTRuEd5lQq9iZJoGhu1ZY%2BQ4cy0oexb25S%2BzAkeKK5xZd%2FT23KSVbO%2Fhtotfo8lePlGyMTulrhA4ACv5XzOXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c620bd41663a-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 13:30:52 GMT

GET
H3 200 html5.js Show response
newsmoi24h.com/wp-content/themes/blogsite/assets/js/ 10 KB
4 KB 117ms
116ms Script
application/javascript 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-content/themes/blogsite/assets/js/html5.js?ver=6.4.1
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 10:05:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 528708
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGMGlZV6WrnP2jSrqsvQNSd9XEverTiGJdSryR91GctKqh2ebCjk4Qwnu4HfuD5kJSCwZM6ftkrvjk%2BFXmjZFB0RXPATGeN%2Fr7d5jDqSmvuKsPhGyR%2Fe6vfgWISYJ1A1MZhNVesKwk5iBq0RnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c620bd44663a-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 17:32:48 GMT

GET
H3 200 jquery.bxslider.js Show response
newsmoi24h.com/wp-content/themes/blogsite/assets/js/ 66 KB
16 KB 117ms
116ms Script
application/javascript 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-content/themes/blogsite/assets/js/jquery.bxslider.js?ver=6.4.1
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 10:05:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 528708
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avUYIfJOxLHX%2F67dRIUlMll0SLPeLGEs5%2FEbpo%2FKA0bipxMq6Iplm3ecbghBe5KRr%2F6p%2BcSbkLk1LaiQf1xllxpmwEo1HFIInIdsTgI1mwyv0XlUzGuHAJypM1HZUkFZKfmfYqbe%2FQGWc1%2BCsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c620bd48663a-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 17:32:48 GMT

GET
H3 200 jquery.tabslet.js Show response
newsmoi24h.com/wp-content/themes/blogsite/assets/js/ 6 KB
2 KB 117ms
117ms Script
application/javascript 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-content/themes/blogsite/assets/js/jquery.tabslet.js?ver=20230701
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7fe9347c265a8ef227a2c0e3e0e6e62e75f14784355f556fa9ddb864c5753f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 10:05:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 528708
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0s8eUY9vQ8AJGcGp73MNKyC5uROUV5o04TrupXgSmZPTcIu%2FKpNbZykMkQ5XIAKUlU%2BBXBMcXfatL%2FlXrcfG8kWe%2FBFSzdQcIQ0MpVHNvCAjKUDD66kupZaaeLNR9RA5PAZx85395hvaAzZwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c620bd4a663a-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 17:32:48 GMT

GET
H3 200 index.js Show response
newsmoi24h.com/wp-content/themes/blogsite/assets/js/ 30 KB
8 KB 118ms
117ms Script
application/javascript 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-content/themes/blogsite/assets/js/index.js?ver=20230701
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85d3987a45a0fdca18652344761e0dce4f3616d51f7788ad3447c18a8eea5291

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 10:05:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 393296
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCR6jcguIWragOrDN%2FcW8WZ3u38t6GHJ6G0TENPoCm%2B7KGX%2BWl7cOjf7pFFfq2rGIxsW32wEhgMn7P9t0VKRih%2F%2BO3xfFPChmFsTgZpfxZBPqz%2BaGjySC3Ci2r6v3PSRfU2Nu%2Fa5HlDrKeRSWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c620bd4c663a-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 07:09:40 GMT

GET
H3 200 jquery.custom.js Show response
newsmoi24h.com/wp-content/themes/blogsite/assets/js/ 3 KB
1 KB 119ms
119ms Script
application/javascript 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-content/themes/blogsite/assets/js/jquery.custom.js?ver=20230701
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8e8b70424cd0f3f1f5a9285e3b0d2a0d5546f371544550969facf69b81a0d90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 10:05:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 528708
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2dVGidNgs2HM4zj1uBSmf3vRl9UwR%2B1pkJ%2F%2FY5H8X0ihrw4A2beYlkze2Xs5lEK%2Byrmywjx1e9y1eo6IF8qfkC%2FbVtKFpqjj3dxc2MdfIW43us%2BcyO%2BxzyPa5k0Wb3%2FeHUhm1zbrEqESBc5uMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c620bd4d663a-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 17:32:48 GMT

GET
H3 200 comment-reply.min.js Show response
newsmoi24h.com/wp-includes/js/ 3 KB
2 KB 120ms
119ms Script
application/javascript 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-includes/js/comment-reply.min.js?ver=6.4.1
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 483498
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBEz%2FPkn6ee5OOLqMLIP2Xt4Xp98oPW3Pr%2F9Oo5GwrKjrJQhxh22Db1mp%2BAJbj70l1L%2FYAyCUJKHKnbjjRZexvSdasHUHToEBQhw1PohN6y3UYLLAyqE1Xp0GNapG1kDDs0vYlQJilC01O2ecw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c620bd4f663a-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Dec 2023 06:06:18 GMT

GET
H3 200 tai-xuong-14-300x300.jpg
newsmoi24h.com/wp-content/uploads/2023/12/ 21 KB
21 KB 104ms
103ms Image
image/jpeg 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsmoi24h.com/wp-content/uploads/2023/12/tai-xuong-14-300x300.jpg
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25423574fba4f8b00cee863e96c126c0d5a9e3f8cfd48021a8a01336201f98d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11460
alt-svc: h3=":443"; ma=86400
content-length: 21427
last-modified: Mon, 04 Dec 2023 16:06:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lasq%2B6ZZfMM4jSWhYqa5dUU2OjsuhdUtRYDstqbaOhBLDCf8clT59M3qzIvnsptS43To2gF8ojh11z5qSuJMFEFUy2MhnJe0A%2BoG%2BBbvcTEVDH8A1qisO%2FF2sCUVaipQ2yeVVLNPCT%2F%2B7TvHrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8306c620dd74663a-AMS
expires: Mon, 11 Dec 2023 17:13:36 GMT

GET
H3 200 tai-xuong-13-300x300.jpg
newsmoi24h.com/wp-content/uploads/2023/12/ 18 KB
19 KB 882ms
881ms Image
image/jpeg 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsmoi24h.com/wp-content/uploads/2023/12/tai-xuong-13-300x300.jpg
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 209cf412071f77771f7a2fdba45149911fecb5c892cecc517ecfec986c96d5d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:38 GMT
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 15:56:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gir%2Fup%2BN3TMKq0uXrY1F9Ay8SrXhyynfN2joPPX5qR4wiQOOgmZ0UyENOoQkKC72bQqXWA4WWYVGyc2A%2Fe5uHZoDN%2FO9RQrsriTpAzSrT%2Bhgna2J4IgSefe5hKYrdZsbdlZTE1YqhXWXEOxr3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8306c620dd76663a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 18879
expires: Mon, 11 Dec 2023 20:24:37 GMT

GET
H3 200 tai-xuong-3-300x300.webp
newsmoi24h.com/wp-content/uploads/2023/12/ 11 KB
11 KB 622ms
621ms Image
image/webp 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsmoi24h.com/wp-content/uploads/2023/12/tai-xuong-3-300x300.webp
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac58943049ed7f7b2da5eba6eebdac9aa4cb31ce889a33d9a0a91ef67f2539e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 15:36:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTvbqqE7BACYfH%2FXm%2BLeBHdjl%2BzRwlH4eOb9Qv%2BA8Mm%2FmkSr5RgYG6goZ1B2fRim%2Bv9CEC4B8m%2BFYAuLD8NEqziX2Z5C9l2N6BQ6%2FYyLuxb2qWAbOuTsl%2FKJTB6GS%2FhcWkj0WdRVNUQNAkR97Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8306c620dd77663a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11074
expires: Mon, 11 Dec 2023 20:24:37 GMT

GET
H3 200 tai-xuong-11-300x300.jpg
newsmoi24h.com/wp-content/uploads/2023/12/ 25 KB
26 KB 819ms
818ms Image
image/jpeg 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsmoi24h.com/wp-content/uploads/2023/12/tai-xuong-11-300x300.jpg
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9e80d4fa55b271b85d038e5374dd1ae917be12e19d4df799117aa59728ed900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:38 GMT
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 14:58:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMqtLAk9EM9ydjMLt%2FOoYz9XM6IAOAO4KfxRtweBj99IJXEaqF2LWm%2FA4Z0kUlL7MJWZiXkbkrrH%2FkFvGZRO2dcMW2wpVwiaGhIda9uFBcHnVVRL86MSi%2FY167LpDYBrtgFkbJmPHwgWYxebtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8306c620dd79663a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 26090
expires: Mon, 11 Dec 2023 20:24:37 GMT

GET
H3 200 huynh-hieu-minh-va-angelababy-ly-hon-300x300.jpg
newsmoi24h.com/wp-content/uploads/2023/12/ 28 KB
28 KB 866ms
865ms Image
image/jpeg 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsmoi24h.com/wp-content/uploads/2023/12/huynh-hieu-minh-va-angelababy-ly-hon-300x300.jpg
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60d0795157a1b159ee704273c6b08655223daf1af42c74fe0d1810659656fc7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:38 GMT
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 14:33:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKNQMIygdHaOx5eP4cBivYU%2FMI0Blbe4z4eqouxD%2FZtX69MemWf1Ah%2Bu%2Fva7dnSVsC2mZH4JEtgRdqmJ6uLWyI0E48GI2uuEkREfF2Ikga3AOUep6EJGUKKv0bwAstCySmyT2jq%2FwEDqNzwfJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8306c620dd7a663a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 28437
expires: Mon, 11 Dec 2023 20:24:37 GMT

GET
H3 200 wp-emoji-release.min.js Show response
newsmoi24h.com/wp-includes/js/ 18 KB
5 KB 45ms
45ms Script
application/javascript 2606:4700:3036::ac43:bdba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsmoi24h.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 21:04:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86753
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03AmaPvu4ec%2FBIKMfUaPAD6KbKILWOSFoV%2BHgKKr47BiKlZgoQGxYo1nsRu07Y%2Fj%2BKNbd7pocjWJgTRsjzBkQr7ndtQpNVWpNjaznnrhYyXZMluKoe0IPyrkayxC6OK%2BrbNc1qayxrRUiB76Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8306c6218e85663a-AMS
alt-svc: h3=":443"; ma=86400
expires: Sun, 10 Dec 2023 20:18:44 GMT

GET
H3 200 newsnhanh.com.1542856.es6.js Show response
jsc.mgid.com/n/e/ 306 KB
93 KB 73ms
57ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/n/e/newsnhanh.com.1542856.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsnhanh.com.1542856.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b3b49129a7edc13ca1a84b87cc515e6cde7eb02eac37c110f35b5bdf3ce08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
x-amz-version-id: sMNt8dGTJCN951KHigO20SmMFAF502Ll
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: TMZBX0A6P6830H5A
cf-polished: origSize=313621
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: AXyhyX7C38xDYiYyqtn7thWwtoAIUGCMS9bdwWcje5FJ5KXy2Z8thq5bxsAat1EUur9a4CBwu6I=
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:28:26 GMT
server: cloudflare
etag: W/"8a5486084bfaa1fce1e10a9f13be1f5f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 8306c6226bcdc242-VIE
expires: Mon, 04 Dec 2023 23:24:37 GMT

GET
BLOB 200
OK dfb0d80d-fdc8-4cdf-a574-f7d8b95f1bb6
https://newsmoi24h.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://newsmoi24h.com/dfb0d80d-fdc8-4cdf-a574-f7d8b95f1bb6
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 244cfa8a-388f-48e9-8b1b-26cb73dec514
https://newsmoi24h.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://newsmoi24h.com/244cfa8a-388f-48e9-8b1b-26cb73dec514
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 /
c.mgid.com/pv/ 43 B
115 B 64ms
47ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&cbuster=1701721477614445524855&pvid=18c368111ee9836637c&implVersion=11&cxurl=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&site=512576&i=1&scum=%3F0&scuw=%3F0

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 8306c62338885b8a-VIE
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
BLOB 206
Partial Content 5701b9e5-4e16-4c1e-aaea-9f46147487ac
https://newsmoi24h.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://newsmoi24h.com/5701b9e5-4e16-4c1e-aaea-9f46147487ac
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 41ms
24ms Image
image/svg+xml 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/mgid/mgid_ua.svg

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: FT3B2YNDBGENVSWC
age: 2668
alt-svc: h3=":443"; ma=86400
x-amz-id-2: T5sPcjZtf+bDh6XdJmp7hMMaIrle5xKb9BwVfmaNkAxai8X9iK4oKQPncfqBkIMJTmPLzS6Pbg2Yz9at9uMFJU2Q4p1mhW6T9hRl6tH5ghk=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 8306c623c9b15b8a-VIE
expires: Tue, 05 Dec 2023 20:24:37 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
815 B 52ms
36ms Image
image/svg+xml 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/logos/Adchoices.svg

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: YQB9E0XZ4AF5YHE7
age: 5720
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CxpyNkMvUy7EglrL46ndveEgmcKj5NlhgNn3xrtwadQGLxOYO5GJbbUWfWYVC/75XuxenQ1eXpI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 8306c623c9af5b8a-VIE
expires: Tue, 05 Dec 2023 20:24:37 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1542856/ 17 KB
4 KB 82ms
64ms Script
application/x-javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1542856/1?mp4=1&ap=1&w=820&h=4424&ident_p=true&sz=680x451;337x280&szp=1,4,5,8,9,12,13;2,3,6,7,10,11,14,15&szl=1;2,3;4;5;6,7;8;9;10,11;12;13;14,15&cols=1&sessionId=656e3586-178a5&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&cbuster=1701721477757744328835&pvid=18c368111ee9836637c&implVersion=11&cxurl=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&scum=%3F0&scuw=%3F0&uniqId=11304&niet=4g&nisd=false&pv=5&lct=1701043200&jsv=es6&pageView=1&dpr=1&ref=&apt=2023-11-21T06%3A55%3A24%2B00%3A00&tfre=528

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsnhanh.com.1542856.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89bf977bb42741e588dcd51a727778a7e29e13a0836540e7931afd0d68cd959f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8306c6241a625b8a-VIE
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvN2JkZ...
s-img.mgid.com/g/16853267/492x277/-/ 11 KB
12 KB 78ms
31ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16853267/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvN2JkZGE4YWM5NThjMWVjNjlkNmNmYTQ1YWJkNDZkZmMucG5n.webp?v=1701721477-HdzXm-Yk27a_ad_9wUViQELpxp4VAUYiRsNxYaZ6O9g

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02d8d8d1d3f164722d3aae632d7f0847fa5e99e1f0bc0442043779016dc2f500

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 68b9e68d-b2c2-4b40-adff-c4b59871d3fc
age: 326151
alt-svc: h3=":443"; ma=86400
content-length: 11512
last-modified: Wed, 02 Aug 2023 19:40:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8306c624fb5ec30c-VIE

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjk0MDMvMTcxN...
s-img.mgid.com/g/17185580/492x277/-/ 13 KB
14 KB 78ms
32ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17185580/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjk0MDMvMTcxNTk3ZGM3ZTZjMGUwOTIwNjJmYWMyYTFhYzM3ZDcucG5n.webp?v=1701721477-3hIhS4ZBZKTF0FKPqdiXTVs2l3dhCvJu15tkD9c8Y3I

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7da916892d7eec7777541231cf3d955c4169bf11e1c591a6b712b2e55684ed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 4cfc0cdb-1d50-4480-ac4a-16ab40604d57
age: 208164
alt-svc: h3=":443"; ma=86400
content-length: 13518
last-modified: Thu, 14 Sep 2023 17:49:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8306c624fb58c30c-VIE

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvNjYzN...
s-img.mgid.com/g/16853266/492x277/-/ 9 KB
9 KB 73ms
27ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16853266/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvNjYzNzAwNGEwOGMyMWU0MjVjNWZmOTQ2ZDRhMDkyNGYuanBn.webp?v=1701721477-JpCRXtZdo7OPV2NT88YXoBGiXIne1LKA8EDqiMbzB18

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fac3e33c9cfb1292e532ff09ff978a92bcccd41a1bd79c6a13dc5631c712a8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 9cf8bb4b-315d-4f2b-bd8b-396a78881f55
age: 398795
alt-svc: h3=":443"; ma=86400
content-length: 9050
last-modified: Wed, 02 Aug 2023 15:40:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8306c624fb5ac30c-VIE

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjY5MDQvNGYyZ...
s-img.mgid.com/g/17928732/492x277/-/ 9 KB
9 KB 90ms
45ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17928732/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjY5MDQvNGYyZTdiNjA1YTVlMzY3MjVmZjFjNTI5MzM5OTU3NWMucG5n.webp?v=1701721477-7PoOwtQg4NnlaONfbW9C8dF1n79KbCSbBu7rqAmOe5E

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64511eb16b26a657642ebf4cdda009893f812c71d87b3eaf9ede851b2d2fa928

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: fdc26e57-7104-44c6-acb4-8bef78eecb6e
age: 319577
alt-svc: h3=":443"; ma=86400
content-length: 9278
last-modified: Thu, 30 Nov 2023 15:32:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8306c624fb62c30c-VIE

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzAwLHlfMjAwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA2L...
s-img.mgid.com/g/16853223/492x277/-/ 13 KB
13 KB 76ms
31ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16853223/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzAwLHlfMjAwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA2LzM2NjkwNC9hNTFkYmY4ODRlYmE5MmRhOWQ5MTc4OWNiYjc0NmViZC5wbmc.webp?v=1701721477-UnAjqhEw1YVhUduM8mVeskZzEPQSx7pXpPi9LpZPD34

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b462050e1ddbef4d37b79d23368bbfdaaf9ce0b6fad349d734b1b8ceb50432e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 749cdaa5-6f04-4498-b61f-a92dc94cc472
age: 317449
alt-svc: h3=":443"; ma=86400
content-length: 13128
last-modified: Wed, 02 Aug 2023 15:01:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8306c624fb66c30c-VIE

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8zNjk0MDMvZDBmO...
s-img.mgid.com/g/15653120/492x277/-/ 52 KB
53 KB 77ms
32ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/15653120/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8zNjk0MDMvZDBmODdiMzAyMTc5NGY0NDJhZDM2YzY0ZjkwYWMyOTcuanBlZw.webp?v=1701721477-vo3LT1UJPLEJWoziiOdTE7vrSYKXMJqs4ZfBjHCB_MQ

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f6f9d0243502b97869f93bdaf732854b64f720e7b0aaea1268c8a063131d953

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 6c4b806b-5011-4d97-b36a-1c77884beb04
age: 48708
alt-svc: h3=":443"; ma=86400
content-length: 53636
last-modified: Thu, 16 Mar 2023 15:18:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8306c624fb64c30c-VIE

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8zNjk0MDMvZjliN...
s-img.mgid.com/g/17526157/492x277/-/ 8 KB
9 KB 25ms
24ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17526157/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8zNjk0MDMvZjliNmZiZDY4NjUxOTI2ZGY2ZGFjZDU2MmJjMTU0MGYucG5n.webp?v=1701721477-5YyFh9GD2etSf62e4KMARsEt1fNfRJjxGDqO5KW57bM

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0e93d2bfd1900f9c7f479ab923c0ca2acabba511edba5a95a7fa35b5b50abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 1a2eb5a3-5b2b-4eaa-866e-f675abf5acfb
age: 101305
alt-svc: h3=":443"; ma=86400
content-length: 8672
last-modified: Mon, 23 Oct 2023 14:48:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8306c6251b9fc30c-VIE

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy8zNjY5MDQvZWZkO...
s-img.mgid.com/g/16853275/492x277/-/ 9 KB
9 KB 35ms
34ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16853275/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy8zNjY5MDQvZWZkOGI2ZTJiMjJiNTJiNjEwYmRmZDU1MWI5YzI0MzcuanBn.webp?v=1701721477-MHSlN0c5F7ZjJ4asw8m2KXjSMXnf-F9mUPRBpA-o2ik

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ef9de188fb50864cbb9ea2dfd74e20ec9e36d2328fdd239493fcbcffeb89aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 644f2469-38c2-4a5c-8e08-b2d60d4fb88b
age: 2126103
alt-svc: h3=":443"; ma=86400
content-length: 8866
last-modified: Wed, 02 Aug 2023 16:53:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8306c6251ba6c30c-VIE

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjY5MDQvYmU5N...
s-img.mgid.com/g/17928718/492x277/-/ 9 KB
9 KB 34ms
33ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17928718/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjY5MDQvYmU5N2FhMDEwNThhY2ZjNjZmMTJmYjdhZmQwNTZiZDIucG5n.webp?v=1701721477-ji_RiFTR0LZaPwn-KV4sLWCjPL8UbBOEJTwqihI_-rM

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ecca851b7fa5f2b3bcf747bf72de5dc4e387fe19850ca858a12e71a7411679c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 72553295-4819-4a12-8348-adeca5f9d7f5
age: 362517
alt-svc: h3=":443"; ma=86400
content-length: 8920
last-modified: Thu, 30 Nov 2023 15:28:22 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8306c6251ba8c30c-VIE

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjY5MDQvZTM5M...
s-img.mgid.com/g/17928717/492x277/-/ 15 KB
15 KB 28ms
28ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17928717/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjY5MDQvZTM5MzA2Y2EzZThlNjQ1NmI5NDgxYzU1Mzg3NDkyZTQucG5n.webp?v=1701721477-rjQVirySF18DrhGBMyjnz-YjWWNrJlDDwD5J_nRvmxQ

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1968b6a6fd537407945be55f513e49d543f4ce1005d201762fbf4eb14157a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: c9a6ec94-ddca-499a-bf5d-d65941158dfb
age: 362517
alt-svc: h3=":443"; ma=86400
content-length: 14942
last-modified: Thu, 30 Nov 2023 15:24:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8306c6251ba9c30c-VIE

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNDc0LHlfMjk2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA0L...
s-img.mgid.com/g/16853273/492x277/-/ 16 KB
16 KB 35ms
34ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16853273/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNDc0LHlfMjk2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA0LzM2NjkwNC81N2Q3MDQ2OTZlZjNlNjFiYzQ0NWEzYzEyMTNhNjVjYi5qcGc.webp?v=1701721477-zeCQBTRG7mCexdGtHLfPLVpx_PhBbLuG74H7gEOX2TY

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b751fd7299a5b35c94cfea53d69ff419b86c0b473938fff8b810c4fecac9d293

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 55c1b9d1-5eaf-41b7-a97b-3db8393b1af2
age: 314045
alt-svc: h3=":443"; ma=86400
content-length: 16210
last-modified: Wed, 02 Aug 2023 16:53:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8306c6251babc30c-VIE

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNDgwLHlfMjcwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA1L...
s-img.mgid.com/g/16853274/492x277/-/ 6 KB
6 KB 35ms
34ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16853274/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNDgwLHlfMjcwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA1LzM2NjkwNC81YjAwN2IxZTZmNTdkZDNhOTA3ZjI0NzA0NzFmNjMxMS5qcGc.webp?v=1701721477-OmRRQB-3AyYnCFiZDBPG7pKaFWDlLNEUQ3AUBl6aLEc

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2a8c7a526e508ed097c67d481cf59e2c6e776e9304eeba54272674e106602fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: bc76ae77-34f4-4e67-8d98-b5da34ecf14b
age: 2129763
alt-svc: h3=":443"; ma=86400
content-length: 5798
last-modified: Wed, 02 Aug 2023 15:00:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8306c6251bafc30c-VIE

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzAwLHlfMjAwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA5L...
s-img.mgid.com/g/17334702/492x277/-/ 15 KB
15 KB 34ms
33ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17334702/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzAwLHlfMjAwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA5LzM2NjkwNC84NmYzZjU5OTQzMDhmNDllMzk4YzA2NWRmOGIxM2RkYy5wbmc.webp?v=1701721477-9w8UAz28UEeRofq6hpParldXJrLs-iF7e7ul-7EcJcE

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a2153631f29ad5433df476a048872a134b1bec1aab8e9fff3bc4893b199b087

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 7b50ff13-27d1-41ca-ba27-a01e49ed169d
age: 308970
alt-svc: h3=":443"; ma=86400
content-length: 15326
last-modified: Tue, 03 Oct 2023 13:56:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8306c6251bb1c30c-VIE

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjk0MDMvMDc1M...
s-img.mgid.com/g/17712756/492x277/-/ 30 KB
31 KB 35ms
34ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17712756/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjk0MDMvMDc1Mzk2YTdmODc0MWU4MDg2YjNjYzc4ZjcyNGI5MTEuanBlZw.webp?v=1701721477-6DwoZlwHfvnzYccBs3TN9RLPtWYPAw-XoweVfr6LAyE

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aed7a92bf9a41409a831ee87c89a1ebd36e8ad8ab525bbc0acc197b55f99ffe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 79f8edfb-218d-434a-855d-adb48d4ffbae
age: 319497
alt-svc: h3=":443"; ma=86400
content-length: 31216
last-modified: Fri, 10 Nov 2023 17:07:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8306c6251bb2c30c-VIE

GET
H2 206 382807a63802a06b08a3659468d0f84b.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-11/369403/ 592 KB
593 KB 62ms
25ms Media
video/mp4 2606:4700:4400::ac40:9281
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-11/369403/382807a63802a06b08a3659468d0f84b.mp4?v=1701721477-OhNFVgyTsXxVasdrhSObgb9atLucgwXIp6rydnU-MTg

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9281 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07acb32729e17bc7cdd9f0496c1c24dd12dfc2d51da123a9d9d65cbd4f2d76e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsmoi24h.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 320964
Content-Range: bytes 0-606340/606341
server-timing: cld-cloudflare;mitm=c;dur=154;start=2023-11-29T05:58:18.647Z;desc=miss,content-info;desc="width=680,height=382,abps=82227,fps=29.97,du=7.374,vc="h264",bytes=606341;";cloudinary;dur=130;start=2023-11-29T05:58:18.666Z
alt-svc: h3=":443"; ma=86400
Content-Length: 606341
last-modified: Tue, 17 Oct 2023 07:20:28 GMT
server: cloudflare
etag: "65b89ae40d96954f8cc22083122fe009"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 8306c624f92f916e-FRA

GET
H2 200 i.js Show response
cm.mgid.com/ 0
104 B 77ms
59ms Script
application/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/i.js?cbuster=1701721477889562031970

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsnhanh.com.1542856.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8306c624ec455b8a-VIE
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 46ms
20ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsnhanh.com.1542856.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 11:19:25 GMT
server: cloudflare
x-amz-request-id: RS37KPK8ZDSVZ6J3
age: 718
etag: W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8306c624fde935eb-FRA
x-amz-id-2: PoleiHBWyTevZwP2w/5sAJ1JamikLunfbnjH0XU9xksPH8cV6IZUnFRGXarBkJwcOXKiTTjAFuFsq4mU4aTm5g==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 45ms
8ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsnhanh.com.1542856.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:37 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=135916
accept-ranges: bytes
content-length: 63913
expires: Wed, 06 Dec 2023 10:09:53 GMT

POST
H/1.1 200 z3RNPCeoe228amnOetBed-qHgrMkr353agOQPC_UPh9qLM12B_JOe6VRXb7CEEtIJRg8O77reg9mlRXgLN17JD90LgizhGurGXvuTdQXOCtaB7tF-F-bvg0sZ-BkyfoJ4sU04hZ-nS7gtsl2eNpCa4M5z-iSi_p8wSdUc2PCdAu5sYtCkP6VjxV7mrTdXTVwn2j6S... Show response
aj1559.online/ 1 KB
2 KB 94ms
94ms XHR
application/json 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/z3RNPCeoe228amnOetBed-qHgrMkr353agOQPC_UPh9qLM12B_JOe6VRXb7CEEtIJRg8O77reg9mlRXgLN17JD90LgizhGurGXvuTdQXOCtaB7tF-F-bvg0sZ-BkyfoJ4sU04hZ-nS7gtsl2eNpCa4M5z-iSi_p8wSdUc2PCdAu5sYtCkP6VjxV7mrTdXTVwn2j6STEqxbBndJwFGcSH_BxAo_ECNQ0j5TZ_hb3UW9j4ANzHR1PAYyqn6uSASNw7Z-DZHGhM3IXkkdegWQlk_iCyQPNOx70Ui0NQSMgP1kbwP3Y6lGSBlauqcw20l4PbKpt5pg30ZkARBLSbiLxa7R9Erid6RjNgbIH5eB0xidOG3D98H6znSPAgZbI5El_LbsgIEO_6Q9GH9vxm5UJnR1EVwrcSVPbvtDcasyB91ASZINR8-cRmEiCOFEGwOmz6jRum_fkzXji8aXrSEoidM4XfaEDH-ACNGNSQL1g3puY3n8O1ICo9zJRFqFIoWOCB5KtDdJx_iZf3l8vCFrCyLkPPIHq6bRVYgHfuy6ztFIDGEFJJCrDrYx_wUh6XTtuJ5w4Kn3Qu_HkwvFBEx9A?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: de15475770503c4b998a1fd7857d6d1f0f651a317611b4171f6e88b71b83ef15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:37 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://newsmoi24h.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1114
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zGCHMa6vLeXWC9Wit3rqD0sQGr02Ys-uvbfrgoU2dxZrmUhEkrxFir5XsTh_F5IA6G3gK0dOTPxSfyl9hagFpN1sekBamSTAccWxvZNfZzmCBmo06eLtaKl57Fpio77DYF-THmlEmTk4nDFa_3Zoj5RCflqMr6Ar8RPhmXI78a-O2ltWOE5sePB8bpUAzPuyYaZFI... Show response
aj1559.online/ 1 KB
2 KB 190ms
96ms XHR
application/json 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zGCHMa6vLeXWC9Wit3rqD0sQGr02Ys-uvbfrgoU2dxZrmUhEkrxFir5XsTh_F5IA6G3gK0dOTPxSfyl9hagFpN1sekBamSTAccWxvZNfZzmCBmo06eLtaKl57Fpio77DYF-THmlEmTk4nDFa_3Zoj5RCflqMr6Ar8RPhmXI78a-O2ltWOE5sePB8bpUAzPuyYaZFIugomZAxdxqLxzUa-7o4FDNe22DRcrgRNUsl3M4zRn8wMVEFzvEN0OZj0b4PHzXEUOR74Narqk0sQTOmusqjTeIGoRXwPvnKqclSwjzspVvlecR1lBeM0JtM0AOPWRoluPwbSANm86KGQEjfC11KrQznTr80oaqVR3EFXyQDDBKDsOAY3H5Pw3eI9yD6mKEg3wTRhELYXY9YdT_9fyqrGKby-ebM00Gi7u3Wk1wnMAZqw_aWrNZM5hHlYoF3cjMQ8cdaiV8CD_qCJybZYHF2DBx_L4Aqtn1kwMXS1XqrmtRgmlRYWOd67tuFA7fYTmb4L-6C0HSeJBRlMM-BSyWkbQnQ1V60DwM0r_SnHrGgnS7KVxBjGA2zlSpIQMlIDvFoqbgawTU91EExgpg?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 366b21fc3ec34bf9eec0f9ab948f94f1401731a0d4b3021219256d59bfa71744

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:37 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://newsmoi24h.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1137
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zmoSsfQOx2BmruyUoPaRwDPe_-Mo93EhbYC_cFw7D1c6MglZCVm-MXIpOTZa6gp9DlBL-r7-B9sUVxhsIZ_FMM94Kp3Z_FRqtDGtyUuOJD_tknsYvgo_PfWfFIl5Gy6LziFhW3gAWy9HoS83_C2ROTImPKVLUk2eMtj7WXrNR9JPGvJyyPSiuEBlrUVX-xl68A0X3... Show response
aj1559.online/ 1 KB
2 KB 278ms
95ms XHR
application/json 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zmoSsfQOx2BmruyUoPaRwDPe_-Mo93EhbYC_cFw7D1c6MglZCVm-MXIpOTZa6gp9DlBL-r7-B9sUVxhsIZ_FMM94Kp3Z_FRqtDGtyUuOJD_tknsYvgo_PfWfFIl5Gy6LziFhW3gAWy9HoS83_C2ROTImPKVLUk2eMtj7WXrNR9JPGvJyyPSiuEBlrUVX-xl68A0X3Tn-E3W3e59RJ7mq0NuBQRBJO3Yq7PAOFPB5HJd6dHyLq_3GJ7GlSEopghc86sf75HG-Mb2feuVGQR7YzFn25NBh45b8q72dKVMl20ordyb-7kVFY0eMVnxgvhNlsvI3e9XIZnEVTy1HXH_44RSlcfj2dB5V_CRDH_TcVyk1BCcKf6C4K7xQi0jpJSbFBFv1lah8IrTJqqzmyvv7N6jV_TBQl6Xh1O938tlX4ZIV4U902DBTlUcHJwCNw_T9eiRWpIOnrd3KcCV9qjKEcLwWIAIdTdbbHMTcdeQ5w0SRgyp9KgOc-SaXTJLQgpEdY70PA3X67xmU0NhavEECkejl7IZGY9t6Lg0z-UtIfl9Se2SO8690OzA6Sm7SGGu8xUoUyTry7Sk8jEU1k9w?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 5ef515e1b371b23c4085d94056141b89b0eb3d94aeec1f1734f1e5509f9a7fd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:37 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://newsmoi24h.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1109
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zJHGdwRTQJVKxCYTbOXZnu6WjC72DYy_MZYOfrVOgllbO-v0PJTSCu1K-gTA9CXqT1hkSG8_2GEEcUNOstTYODgXO6Y3WDGvjidA-lL62d4kSygkk8Vk7JIrs_hOY_Brpc03PUObmlnIYBo8mfJCalgboLlERJappNvbnEcr_GpfLXsBPC9Y80LdUvFQTQ7f2YIyc... Show response
aj1559.online/ 1 KB
2 KB 278ms
95ms XHR
application/json 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zJHGdwRTQJVKxCYTbOXZnu6WjC72DYy_MZYOfrVOgllbO-v0PJTSCu1K-gTA9CXqT1hkSG8_2GEEcUNOstTYODgXO6Y3WDGvjidA-lL62d4kSygkk8Vk7JIrs_hOY_Brpc03PUObmlnIYBo8mfJCalgboLlERJappNvbnEcr_GpfLXsBPC9Y80LdUvFQTQ7f2YIyc6mG-tCFEK7skIIgOk2PmAd58u9XmY4q9-1iN1V4xSIh8f_2pQGiL3UDNlvrUe7elKuHmVgsQYbrFcEJ8AG_E_2QNk7EDx-T1Wps7_v_FPQJVAh5IMyR30PXrKrIbiKW9wQWeDFxKSEuS8MnWZNR2Pc7Mp-JGR5kN8V_J0e0SqHWcr1fU_r8Nh3Z516YEzGaVS-7vDN6f1qXaSoYp3GXbYd1ChmJs17YB0Uu-95kfnUhqxMEzFYMUVZhR7rSSUgH0z-j4iAgqnd22dSnpond-K2OV9wIEJm-CvPn0HyQ5Gs9zY8MbKCiA6eny6DHE5kVFWWCASfzAz2qaSWQ2g2M7iYMV6h7REw03PLVt90JX-Pawrtxcy7y7G5iT9xxCrHSBKBDqTR90Hx9l9Q?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 97a04111131a2f57d0704bf8310372af7036da3da03cd953b0dea3a8344a563e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:37 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://newsmoi24h.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1113
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zdNd2xFtaD4MmWKYcWabKnnz-wPwMQhNA-fJg4PtP3Zo9mc8GX7ThPPM43Qo-rbYb3OqROcVKY98sT_UI3Th552mnmH-r91SlliVW215P3imJ7F8ilo5LkDFUqoyVAhf_QmOaIBmAWlIyW0aWQdHHVUzwEkv6cQyVbmUaUqQwfQy5j-LAwAvQX_kZKEbPuJhAeEcg... Show response
aj1559.online/ 1 KB
2 KB 278ms
94ms XHR
application/json 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zdNd2xFtaD4MmWKYcWabKnnz-wPwMQhNA-fJg4PtP3Zo9mc8GX7ThPPM43Qo-rbYb3OqROcVKY98sT_UI3Th552mnmH-r91SlliVW215P3imJ7F8ilo5LkDFUqoyVAhf_QmOaIBmAWlIyW0aWQdHHVUzwEkv6cQyVbmUaUqQwfQy5j-LAwAvQX_kZKEbPuJhAeEcgEXpCgICYlZW6LdWGsaJX6TkrQ0wBsRYpGcLTH7m5MZS1EX3ssEq0gHBaWTmzNd0IpefyElo6c7bFNhno7LPIvWKw0CwSUM9Rgig1KMGnAOjt8uqznGFGwrPXF3AD0zzRN6rD0z2UYmkYRR2rZhb8z7R1Tq7MCxsC-QNrYZsRHlwezBfief8YaLHv5nkFXuQG_jaBfIvuacByfXZt5Win2cTjk-mo7uUtoyFJc8QoxEG_qsKUzz34iXiStDMD91bGDZsHm0_stjnujNPWHaqG4oovHfoQ0049PN9K7f1kV72r62NAID7o5Rm6COXNiV10aHU1wScgG7NuLA7h8vFN8PjNiQ5bALOTg1uWNwyCTehWTPYxSSRHx7kUmP_9mYsq6TO5Th8uQR83-g?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 203e16befaebcf98b658d29cf6b23017783cea9b34ffd91438904aa2c1ca9e2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:38 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://newsmoi24h.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1111
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zqT2eI-pFydzDeqNCQcCoy04BXJa_sS9zESdPbe_uWVBsawASijGRr0FzGjWTZXr3itvhzZ1HnoRBMSovA3IARFjbGI_Emz2KMaWWKvwyFNFnlVA4Az0SHtiUdGH3_Dm7lGpyyEjK5cNHDUoEYWN6nQQ-E8IU5-OOh5VFKdo8Lle1rG26cCfdcXGCBkJ7HmSrtOFY... Show response
aj1559.online/ 2 KB
2 KB 740ms
553ms XHR
application/json 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zqT2eI-pFydzDeqNCQcCoy04BXJa_sS9zESdPbe_uWVBsawASijGRr0FzGjWTZXr3itvhzZ1HnoRBMSovA3IARFjbGI_Emz2KMaWWKvwyFNFnlVA4Az0SHtiUdGH3_Dm7lGpyyEjK5cNHDUoEYWN6nQQ-E8IU5-OOh5VFKdo8Lle1rG26cCfdcXGCBkJ7HmSrtOFY5RHtu-faEhOBPpWqavKiPtA_lABxiI1Nsm2Makqqy9v3RjwsBShjgLHrkyaBfREPZrvSnnU9MKu2-TNLnkEs704SgwHTm5Dabz4Q8ev_OAbpCsdtOSwveuY9xknEb6JUnYteUukZGRUGKY5Nx_dXpeNbyPQgVJyJKVLn10ZbiabkIAcpRMmCfIjHlQI8LY_ncOz8qtJZd6yrtJpp6J4stHKTjIyuEzmZPbRfihWljY0xGuXWYz7vvnIG21wUP7JF-hen9uX1OfbgNKek1IdlFveaIPOuayCJGIcBTW_dL8d6f2OLKww0iOjzcsT1ys7u_Jp-WFfTD7pRoNjimjejP3ybgvbdt0j5gAb96ZbPEF313L-z5lQvum0W_Gbl4ALW7m3oT00hQh1npA?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: c0e5c83e391c8a3692d93b77eb0b60f62c8ff8de4567e17610811d6fd2790bf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:38 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://newsmoi24h.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1789
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zQdlqm6FywAPuOWcKw26u-pBtiot6TOWeetxtB1OOAIc0Pstmmj3Zxew3gDCNMlaQFRI3y4DoRznnGUHPD4Mg8eUXwEzb4K_i73Fv0hdQRzaYdffaMNQcxJlibsziPvpEcCf7sIaWuKnWk9fha-S18J62zRF16pK-Pz1a4rG4rsTMugWmX65rnDE_3YFuojrmCGf_... Show response
aj1559.online/ 2 KB
2 KB 281ms
93ms XHR
application/json 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zQdlqm6FywAPuOWcKw26u-pBtiot6TOWeetxtB1OOAIc0Pstmmj3Zxew3gDCNMlaQFRI3y4DoRznnGUHPD4Mg8eUXwEzb4K_i73Fv0hdQRzaYdffaMNQcxJlibsziPvpEcCf7sIaWuKnWk9fha-S18J62zRF16pK-Pz1a4rG4rsTMugWmX65rnDE_3YFuojrmCGf_AjUXxYitXigX5rFZ1sKFTvf2JYhSYDcCYD7kw4sqTsptvix5QHtqum4On_fszKef04LJ8aLoXUccLaLoRyeitg1lBdujd-PnAs2rakNXgfFyFYf27PmY2GMpvrMs9JEIfBL-kLSv3yPcQNvnrjsY1KGDq7TkF-VLhBQtiVF3etSOyBKDbIj70D8vpL9-fSLe4QiZ7z5lxf2nLVy8TFdrj32OHa2e79eMmvQGlbChoJLqdctyMjh2kXDW-ygbaok-cX8yLotzpHC5mBidpdYJM-65mBuU-laX9SGOihOQ8VFKJz_WAtppAfj3QXKV5-Z6HluMNin6wS_TeHexBEp_AFzJV7HrOC81CRjZGgopO_4N1hJ-4vCC9yciqexeauZbt75NTXYfSmGm?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 334e975e0c38313ff9b49c144ff29af011efcd62cccd3836911899d9f80f544c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:38 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://newsmoi24h.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1758
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zdAulVQ02vOyDgcO264ZuqrYEl18nfRuicDSVFYLCOpL1vGRExKABh10T3wHmkMpI6FPr4hCUrdACaLSzKkTRYKwR8Up1W9jVQ7sttIiMT0qrh7e1nZCOqVTkyNnT5rznFmH_WG6AOZ0svkbd-bqCZYoWtXg-iF4Rd1sXmr7o_mXczl8uSmfwOBNQHk5dlrploOHK... Show response
aj1559.online/ 2 KB
2 KB 734ms
546ms XHR
application/json 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zdAulVQ02vOyDgcO264ZuqrYEl18nfRuicDSVFYLCOpL1vGRExKABh10T3wHmkMpI6FPr4hCUrdACaLSzKkTRYKwR8Up1W9jVQ7sttIiMT0qrh7e1nZCOqVTkyNnT5rznFmH_WG6AOZ0svkbd-bqCZYoWtXg-iF4Rd1sXmr7o_mXczl8uSmfwOBNQHk5dlrploOHKX8lnTDkQXomWJcewjJo3jzGQ0rwExsWIfSEraOmlEU01XZ5eSnDx9IV7yPn0-9rhRC76ga-WVOfYH3l0Vauyvhvg4yj97GMDnHJsS_Ooam3fdXTEf2xCROy509JvxEM5J1_zOgC1jxRirChpJv_7ulVMaiIUikYLCBWFVEEhAqVFEeTCN4u9UDFr-N7SMcVdf0OshMcjy_lrcEFyh0R0oeRX6rApnO-BrmdHM2Bk6rOZFqCGmDYQba4cOLOZdAhq58xL_KFRTYtOEI6uJwUbW_gj8f_GML4axio2cgb71_l6veIiNGpvYsl0ZpT6Kea44NLD88WAfTagp__lp0hBX1uRrjPxEwqbQUZUZ73m_WSbM-hjWO_0XIYIFkti_xLw-129Ghx1FRtkoQ?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 15ae90cedd0652ad90b14f826de3bfb35fd996ba8e3a9eaf40dceabf72750da0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:38 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://newsmoi24h.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1867
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zgSnOD7pVvRLhC1nkaYSpNMXtbD45VIyXlO-AtqizSFi-xk2siVllUSE99yvpoff4Q_Tml72qNDfMTTHmhnFZu-JjQpbR7XXgVZy4trLgukvaIjQ7miznUgqnTFUK4ajYRcMdX-syS_zWUfgMuRPDvzaCCa075h_eJ98YRHKp-A4ArHrHn_vXOTcE0Xmvfo3aoBCO... Show response
aj1559.online/ 620 B
1 KB 368ms
93ms XHR
application/json 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zgSnOD7pVvRLhC1nkaYSpNMXtbD45VIyXlO-AtqizSFi-xk2siVllUSE99yvpoff4Q_Tml72qNDfMTTHmhnFZu-JjQpbR7XXgVZy4trLgukvaIjQ7miznUgqnTFUK4ajYRcMdX-syS_zWUfgMuRPDvzaCCa075h_eJ98YRHKp-A4ArHrHn_vXOTcE0Xmvfo3aoBCOiMd17ya8mUNjnIiQXVfmNhrd2Jchbov3_lFxVtdhkY64831lxAAAx8twjJm4YzO_ueCeP47VZ70bspkH-QuNLnPQvYDKLbgf9YPIOLg2KUbTI4m96pCXwIP3CUqzfT6mR18T5YuBPI36HlIzkzHfo9gkLhabr8VOocV1rS2EoNkzu9cJpAhL6PsMBOAVg_cGakZ3v2jgp7yF8OtOvNzsu3qCkwxREpMjaEOj2U8rw0bREi27OKjXnDl2ecwdlUqza-850-Yb25WhTgol4ftki3SaAR7zvguY00f28aMag4Vns5q9twddRv4gQArznzmBmX9b0QzUBGQ-3Jp1AJ0gIDhQjwm4w5EKqLJXyK4TbARPiZ8FyMufLEZyTS3degclN0fqGB8nH0lj8A?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: c522019dd6dacad7774748168a9f6e2af6db34134027dd14aa79a1b878000dc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:38 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://newsmoi24h.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 620
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 znHTj7uI2r8a6Dy1MlV73pvuZs-sIxfAAk_7yETZhl8caJR9rQAilU6poSMDo0RSODLpnhaqrBDmouwZIpSvPcwRSXnYxFBeyOIz3MvF_8rCQmLQxceEGXe4XqGuTBQb36DR9ayOPOFyytX5UFUt6YEFhwNLgP-5jzmD5Tvxj7JttHTpEo3-2FIRmxNlqlbPgAJka... Show response
aj1559.online/ 1 KB
2 KB 370ms
95ms XHR
application/json 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/znHTj7uI2r8a6Dy1MlV73pvuZs-sIxfAAk_7yETZhl8caJR9rQAilU6poSMDo0RSODLpnhaqrBDmouwZIpSvPcwRSXnYxFBeyOIz3MvF_8rCQmLQxceEGXe4XqGuTBQb36DR9ayOPOFyytX5UFUt6YEFhwNLgP-5jzmD5Tvxj7JttHTpEo3-2FIRmxNlqlbPgAJkaOwcLWywmqQAaFiWDpQ9VE62auyqruq3FrIOQBt9j7UFLd1sP494N8Y5FOnaMsKVzG0_Se9zzA9tEoedzMirCZFPCw-9W8drc9Efni356WOqhymMEYluPC_uL9wFLF8ijgW5263xI4aZOvZnIshS5ffntUKO4NasGwkwGqd2iol-IvfjUq0YLQbcbioUQXRp6T97EFnVxuQp6D23UdOPm9DA_k_dRJRRJZYynCDO0_sYpGtJ62BiYQxYTCACjryErNIzgb8QKxI-Vb1Pn8JUCvDahl_-GxsxmOtp23zFve-2iCJexglqiSK1RuqVfY80pLFFlwMgjjd1cwP8amh7di5e77LvTFHDNm2JE9xQThLflniB9xkqDoB5iGBC10PsmH8i6SEQuRhlioQ?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 627e606f15626af32faeab8c25e54120ffb5ac4613bcef4b6870400fa5155938

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:38 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://newsmoi24h.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1108
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zpMc_0M7pdSt80wptKYFVk1kstlX8KdVN3riWyv_jeWYPiaGMAZkaKQY3pY-fY3t5tZb_Np6NwSLkA3zi03qkuxGJQKtKGtnDxKvicsK7tt0R7iLYyRB7GSGpfA4pRRT8Y-z5SpPR_lTzk6V-fgKFX5-grBB9Op5udPhLhBywMvx_EZh3AEkHzDEoYrxD1yEbB4f2... Show response
aj1559.online/ 1 KB
2 KB 738ms
462ms XHR
application/json 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zpMc_0M7pdSt80wptKYFVk1kstlX8KdVN3riWyv_jeWYPiaGMAZkaKQY3pY-fY3t5tZb_Np6NwSLkA3zi03qkuxGJQKtKGtnDxKvicsK7tt0R7iLYyRB7GSGpfA4pRRT8Y-z5SpPR_lTzk6V-fgKFX5-grBB9Op5udPhLhBywMvx_EZh3AEkHzDEoYrxD1yEbB4f2SXeweA5KwMBKTkqCb09ng-4UKwEuX0CVUDjrnJ6M6LoN13pWcUQTsX5oXbY84o-90YsROQLA-Y0eD-o-3BpBhehAox9w2SHuoTuhpkK-qnWgYOFlb17ieU-5-EzVuGEXOf9GGU_I86BsZZUk4tWOgJUCpj01qXf2Jz4hp9waagSib4NBm9TQUhsstcitx4q13V-Soks8lr1K3_z4dMxK_9CDlvFJyqh_qdDz0OlOFdZ78rY8DOW_YOojpMuj0moSbxeWavJ-CytXQ9--MK4U79qwlVV9Sb9sLIsEqY5SfhgrOOuLoOmGYcUW3u5lFV-LcFWHiA1tUzS6e-XnV89FBqlcFvlN_mhULaUa82z3Ee18Rx-tkQjps1upbkOkVha8s_ofsUlEIBceZ6M?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 673739567d4e078e44b24e91337e7169f2b032164643a85bb63a7428983ca1b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:38 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://newsmoi24h.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1109
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zcHkw9MJyTVc7pRPUO9l5VJOGQVXvOzNQqLKL2WQDj53c29YIhwsvYW3kIyG9fFzNrgpzf4nRFtbmiMUv8R9mN0WfQOvCLlvtrN2JolUGtA-f2anUcZZCqBW3o7itenxkwZLmfvnEjAGHUI_hn59J611JR8BzBAAhY1FDdwIi_QSEwcp9rPYaXjvRsyhSPUJ8s1pr... Show response
aj1559.online/ 1 KB
2 KB 373ms
94ms XHR
application/json 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zcHkw9MJyTVc7pRPUO9l5VJOGQVXvOzNQqLKL2WQDj53c29YIhwsvYW3kIyG9fFzNrgpzf4nRFtbmiMUv8R9mN0WfQOvCLlvtrN2JolUGtA-f2anUcZZCqBW3o7itenxkwZLmfvnEjAGHUI_hn59J611JR8BzBAAhY1FDdwIi_QSEwcp9rPYaXjvRsyhSPUJ8s1prxxtkJFqvm-ZceOqFrtMRYhs2qogDggWnnK7TvOGU9BrpYrUDKiaw7DbZZj9ryvf42t5xTwuB58iB0gT-MzZiev4S-fq_ZwIudlpE8-ViUkX4zJqP5Qyx2qpQZVA1T-iAz4RnF4chPSht0jw3u-i5p7hx43yvnfhUiw_EFwVkxrz4NnvGDkGGOQU9GpNnwSIjXPylfTgivO3We1PC5QhJuhq9HuTwn8gwZyaIV6KqIhtV7iCQuiKJdhol1Z0YdHzWXLZlhjm9AKbUUTnZQbi1ZRvN1GeuHeSvDmfsjZHnLs_tULj5cH4PZz2ls26GrZLFd5p3b0hrL0PpaqDKBbfERz8sm2CeYBFFYSie2O2q53KQf_OfvTmJnu4DOb5KOOGP8HjoHRwlEBxqpA?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: cff3081296b0052e0adadc4324a8ae7f9d129988c8d844c98831e4700f477692

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:38 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://newsmoi24h.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1110
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
52 KB 84ms
61ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Requested by

Host: aj1559.online
URL: https://aj1559.online/ba298f04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69add396e7dc99b73d5fde0017feafa8d3b507167c9a5b50880098a214a693c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53145
x-xss-protection: 0
server: cafe
etag: 2867666480769477963
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:38 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 398 KB
135 KB 87ms
72ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=newsmoi24h.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e9ea9de956a9a5df6641d231822c8bd31112a29cb59fe49f069d13ec70c02cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137666
x-xss-protection: 0
server: cafe
etag: 2841357872109052347
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:38 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/ Frame 60D4 9 KB
4 KB 28ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 02:06:14 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 02:06:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 z5d8GENZMUGJh1FkKzjxAFwhRyH_W7b7tX0F2PDaA5RIQ1X5JTQyakI2HSSJH6OluSQIkagAAElepCX2caaeuA_xAMWWPZhWF1plPEupBikFQ01uAU_0A2wGuHjqkNKfGy65ZXY17mzTtpE5TG7R_mTYHLA6L7ZgxuR16O09epOW6jqkkPyT7tuJsQ5C3xyixOKoE...
aj1559.online/ 49 B
512 B 97ms
96ms Image
image/gif 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/z5d8GENZMUGJh1FkKzjxAFwhRyH_W7b7tX0F2PDaA5RIQ1X5JTQyakI2HSSJH6OluSQIkagAAElepCX2caaeuA_xAMWWPZhWF1plPEupBikFQ01uAU_0A2wGuHjqkNKfGy65ZXY17mzTtpE5TG7R_mTYHLA6L7ZgxuR16O09epOW6jqkkPyT7tuJsQ5C3xyixOKoE7pijblId9r0BNkwekU3xoe7E2wsQ8Nwzb-K0CPMdgHVJzR2mso0WA_RRwpa8a4RwhHxgfLrDOEPj5nFrr291QuAgrrqltYdUF854TFfXArbNVy_6KFDeO-WgWtBlsBg6ZDCF3hajmBsFhKC4N6CJGWsA-1gerAv1BK6Kjk01_htXusNRce7PDsrKQBtk_8_Qq7nJagMa3swf-Nu0?DC=DO
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:38 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 zE4d0RFH5V-Q5aK8MT1mO6d_kRD5AK9J6rnzsj003iy0XXJrlCdvdyHIGv8HhEARkftvDEFVdC0MCeNcSjB4kdTXMMxJMUxBbTk6p1am5ak7o_LEUnIQ8jGD417EUC-DynuOquwzNncSsvKMINUGH1PxrozfJfWHN7S6EJvTmeQ2v0stcVb5rkv34e-vzFpxy-nNq...
aj1559.online/ 49 B
512 B 99ms
97ms Image
image/gif 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/zE4d0RFH5V-Q5aK8MT1mO6d_kRD5AK9J6rnzsj003iy0XXJrlCdvdyHIGv8HhEARkftvDEFVdC0MCeNcSjB4kdTXMMxJMUxBbTk6p1am5ak7o_LEUnIQ8jGD417EUC-DynuOquwzNncSsvKMINUGH1PxrozfJfWHN7S6EJvTmeQ2v0stcVb5rkv34e-vzFpxy-nNqDkrsz4JdguFVF3bczOw141nnzobK6BqozWM5gOSAU_ET9zFt1n5csuoDukUSMUQ6_LnSK26I89yAjAd2N9LUPdoHgnmXg0jO8_UnRc3mwqxo3FJjAmsp7IOUslBUvSV3fbNP9Lm4WYJswjZhuR8yf4-tcMmbrxRZjpNOxSECiKcxqVCvcDBTP2XHzxE895W0ryoMb0wUyVx3XH2c?DC=DO
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:38 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 zXu0Dcg_K2D_99lFi9W0Jvqz3OQfvm85sWF_I4EG-M8tF4VhFWDRBxNpDnWK7ABOTn2kPzZ3cWOWRMkKT2v1-_H9ncTaJqpuoia163krJE6lLSzG4xkeps2cgox9EYNY_0y1Z0OsmdDxRNBZNaAl3MFSbOsipeZy-mh3rpmdhoqvCFP5haKMsOiclTMBI0KzCqrjC...
aj1559.online/ 49 B
512 B 94ms
93ms Image
image/gif 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/zXu0Dcg_K2D_99lFi9W0Jvqz3OQfvm85sWF_I4EG-M8tF4VhFWDRBxNpDnWK7ABOTn2kPzZ3cWOWRMkKT2v1-_H9ncTaJqpuoia163krJE6lLSzG4xkeps2cgox9EYNY_0y1Z0OsmdDxRNBZNaAl3MFSbOsipeZy-mh3rpmdhoqvCFP5haKMsOiclTMBI0KzCqrjCULgRFa7CfZDju7NDsGK0KM31wv7OOAfloCgPktlvwXx1kBQ303botiPU4L7F9VDvOCW0K_tQYaOLgcvbkNbyaCnIGxyWoYc8xIyw1vVNf7ELfW_1Z250GfLCmVdTHZsaeAhLtxLkprPMxsjuPPX9GpXcBqFq68MRABihjPNepXkNK42d8dgWZavk4-_0YzgKaGF8xyHGZjIR7AnK?DC=DO
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:38 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 zs0pXh237qWMCgzYXSa1T961ZeB_8CC6em-GS0zlvKmZw_61htQic156iWMVaTN-OCTMVb50Od7YsbilUhWK3ZL_dqAd16F-PynwwlNTOB6fe4m5mqraqRpPv7P6XHRk180MUfSi9OrBRCL0-BtT9wzRZO9321EXRvMcMwRQ4LMU5RnsVY1N4lOniLRsk7dJg7SKL...
aj1559.online/ 49 B
512 B 95ms
94ms Image
image/gif 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/zs0pXh237qWMCgzYXSa1T961ZeB_8CC6em-GS0zlvKmZw_61htQic156iWMVaTN-OCTMVb50Od7YsbilUhWK3ZL_dqAd16F-PynwwlNTOB6fe4m5mqraqRpPv7P6XHRk180MUfSi9OrBRCL0-BtT9wzRZO9321EXRvMcMwRQ4LMU5RnsVY1N4lOniLRsk7dJg7SKLquERopWASiyp7EH-toQjdUTV3yTkHkirwLT3PRLcqMbWw7i9IW03JixmQElZ9hjxlGXST8CZHwLCaAXeGYpX7R-o0kfKaOoZzD6JvTtcUrNhrSGyvn2cxc4Nb9iWLwuCPaAcNjb57vp_W4j6ktkkn_hQjpdr4xEDfD_z_sH4ccwDGOPs6trMGVp91LCvhEqA4Sfe0jVeeinr5G9Y?DC=DO
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:38 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 newsmoi24h.com-passback-infootermb.min.js Show response
server.zmedia.vn/static/template-v2/passback_infootermb/ 43 KB
22 KB 3055ms
276ms Script
application/javascript 123.30.177.125
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://server.zmedia.vn/static/template-v2/passback_infootermb/newsmoi24h.com-passback-infootermb.min.js
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 123.30.177.125 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: Byte-nginx /
Resource Hash: 7fbb02a8689502c57cc95264b92f335fa622b90163a8ce934ad48e143fbf6170

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 20:39:41 GMT
date: Mon, 04 Dec 2023 20:24:41 GMT
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 06:19:58 GMT
server: Byte-nginx
ef-country-code: DE
etag: W/"65409c8e-aa97"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
ef-cache-status: HIT

GET
H/1.1 200 zkDwI_-hgzx6u3hSTQaLUahDUUVduBGWNdz8BYGVB2-ZX304-NZJx5HCvtVtHAuSLDGWD97o6MhroPP4VzQYvd6qt7eGFI3VaOSkY2R4SyBKK7oVhYGXHMqz7-0wMddoOZ8Ge0qMwipj-OYa7bav28M2GeUeuAdt_E3bXKyauaSJU-3DxWXJWNLE_HpMZTfWrvhy_...
aj1559.online/ 49 B
512 B 93ms
93ms Image
image/gif 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/zkDwI_-hgzx6u3hSTQaLUahDUUVduBGWNdz8BYGVB2-ZX304-NZJx5HCvtVtHAuSLDGWD97o6MhroPP4VzQYvd6qt7eGFI3VaOSkY2R4SyBKK7oVhYGXHMqz7-0wMddoOZ8Ge0qMwipj-OYa7bav28M2GeUeuAdt_E3bXKyauaSJU-3DxWXJWNLE_HpMZTfWrvhy_9e9pqvm-ug_iKi1o-BeTnEPE_nSWKyxd0IgntueyOyUvTL2t19lxsyhlYAYHunacPFEsGuPZ4iJ8ysFpx9MSdKdc-5fNM0KAbIZmRC13dP0sV1ZYfFJ-M5WFrzferainTOf2o_V4ud9-79YCk2sPRe_53AMqI8g5NYbtweE2pKZI5nets_IiB0wSihSKFJQ-QUWTgbfpdBojmnuP?DC=DO
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:38 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B908 139 KB
23 KB 658ms
657ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=1573534164&lmt=1701721478&plaf=1%3A2%2C2%3A2&plat=1%3A128%2C2%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478217&bpp=3&bdt=1181&idt=234&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3125074850772&frm=20&pv=2&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=253

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=newsmoi24h.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223faaa9c651812ee6a00e19dc119fc0bef29c16c41e5f55fe47daad95f4456a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 23040
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:39 GMT
expires: Mon, 04 Dec 2023 20:24:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B68A 170 KB
50 KB 865ms
865ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=8412722389&adk=3910651328&adf=1651184481&pi=t.ma~as.8412722389&w=1200&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=1200x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478234&bpp=2&bdt=1197&idt=241&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=245

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7dee2c7a457dff4e07dc04013a73bd77f3a618f5b2fc21462afdeba5440b590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 50942
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:39 GMT
expires: Mon, 04 Dec 2023 20:24:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 91B8 114 KB
41 KB 718ms
717ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=6974737383&adk=1757034124&adf=830462564&pi=t.ma~as.6974737383&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478247&bpp=1&bdt=1211&idt=235&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=589&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=237

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5618c2b5cc448b4ae89ab1f5529d1ca3316fa7d57c24bdb1ee3912a6f8a8370d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42001
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:39 GMT
expires: Mon, 04 Dec 2023 20:24:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BAA9 108 KB
32 KB 574ms
573ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7646435628&adk=2965064849&adf=417458676&pi=t.ma~as.7646435628&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478294&bpp=1&bdt=1258&idt=216&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=219

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9472f91207392e99937e603f1bd39a35854bb41f2dc0ca306728b874ad7628c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32230
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:39 GMT
expires: Mon, 04 Dec 2023 20:24:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C401 98 KB
30 KB 529ms
526ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=4333914566&adk=1520105092&adf=1156386483&pi=t.ma~as.4333914566&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478301&bpp=1&bdt=1265&idt=216&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=218

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6c7d3682a804c3d533e49db3c067727acc4573079e81fe0757653b27304b8e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30579
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:39 GMT
expires: Mon, 04 Dec 2023 20:24:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5A28 99 KB
31 KB 504ms
504ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=4348574046&adk=838291846&adf=1840397986&pi=t.ma~as.4348574046&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478306&bpp=1&bdt=1269&idt=220&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=223

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09a339edf74660c7981301176fde5410bb710468d1c5365493af4052bcbc6e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31554
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:39 GMT
expires: Mon, 04 Dec 2023 20:24:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
274 B 41ms
8ms Fetch
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

0c8452bbd09486d33e5eef4d8f7baa4fc670defdd589d480b67a8c03d46c90d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: https://newsmoi24h.com
date: Mon, 04 Dec 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 5A28 24 KB
9 KB 34ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=4348574046&adk=838291846&adf=1840397986&pi=t.ma~as.4348574046&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478306&bpp=1&bdt=1269&idt=220&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=223

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 12:23:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5A28 8 KB
823 B 39ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 19:25:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 20:24:39 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 5A28 15 KB
3 KB 75ms
10ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215847
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 08:27:12 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 5A28 376 KB
131 KB 91ms
26ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290170
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 11:48:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 5A28 20 KB
9 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

POST
H2 200 v3 Show response
id5-sync.com/gm/ 319 B
599 B 38ms
5ms XHR
application/json 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

73782e2e54a6b413ad1b7fa4e79762de185a2e875ab1431a2723bbf09db76aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://newsmoi24h.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://newsmoi24h.com
date: Mon, 04 Dec 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame C401 24 KB
9 KB 16ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=4333914566&adk=1520105092&adf=1156386483&pi=t.ma~as.4333914566&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478301&bpp=1&bdt=1265&idt=216&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 12:23:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C401 8 KB
1 KB 24ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=4333914566&adk=1520105092&adf=1156386483&pi=t.ma~as.4333914566&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478301&bpp=1&bdt=1265&idt=216&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 20:06:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 20:24:39 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame C401 15 KB
3 KB 60ms
9ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=4333914566&adk=1520105092&adf=1156386483&pi=t.ma~as.4333914566&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478301&bpp=1&bdt=1265&idt=216&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215847
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 08:27:12 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame C401 376 KB
131 KB 61ms
11ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=4333914566&adk=1520105092&adf=1156386483&pi=t.ma~as.4333914566&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478301&bpp=1&bdt=1265&idt=216&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290170
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 11:48:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C401 20 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=4333914566&adk=1520105092&adf=1156386483&pi=t.ma~as.4333914566&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478301&bpp=1&bdt=1265&idt=216&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame BAA9 24 KB
9 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7646435628&adk=2965064849&adf=417458676&pi=t.ma~as.7646435628&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478294&bpp=1&bdt=1258&idt=216&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 12:23:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BAA9 8 KB
823 B 20ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 19:26:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 20:24:39 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame BAA9 15 KB
3 KB 22ms
10ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215847
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 08:27:12 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame BAA9 376 KB
131 KB 40ms
28ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290170
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 11:48:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame BAA9 20 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C401 0
45 B 355ms
109ms Ping
image/gif 2607:f8b0:4002:c11::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lprd14vd&c=8489128098881&slotId=4244564049440.5&qqid=CPK79cHO9oIDFQcR-QAd5ukHhQ&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c11::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C401 15 KB
16 KB 99ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 272718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C401 5 KB
6 KB 113ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 80986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5548
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 21:54:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C401 15 KB
15 KB 101ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 197250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 13:37:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C401 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CmQbHhjVuZfLgJYei5LcP5tOfqAjwgJm0cZOn3b-CEquv8-X1ChABIM7OhmhglaqUgqAHoAG8vdKZA8gBBagDAcgDmwSqBK4CT9DfFVWQCKeNjjmOmpFt2krE-wd_mrpAiE0udMDlxjN0PA-jxy6_lHqPyT8GCSsmn-C5b-HsFRQvAQLvDH7SaswXTw0vBu9uglH6n9lvZA4tdL34SV2nZS0MU50iZ8oq4Cs59W6PV34ckdSuCpqONb4i94RkdLQ1sPQHEvOBCpa_UnRqnkfawxlfCPd-gx0l_v5LMAJfwZWiq_qL2bQYCHp5K8uXOszK6S6hHsa_aRj2y6KKiK2Zkzuw1na5upR2CK82njQ_mWOgNhOWNEY7zduVEPHVevPo7YdN-Ld4pxkx4vrdVdOyAJiC0DQbIK-0JlL0LtUZOdIDlBC5Q0NXG69MUPlFJepuYv4Jty7LI3_ZuGHiTvIzh0O3diVvZt5Ai3DYrBcG2zB1f0MBon7ABKuV87XKA-AEA4gF4NTY4TCQBgGgBk6AB6zCrWaoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliBhfHBzvaCA4AKAZgLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJERbATw5a2FdATANgTC4gUAdgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1701721479154&ai=CmQbHhjVuZfLgJYei5LcP5tOfqAjwgJm0cZOn3b-CEquv8-X1ChABIM7OhmhglaqUgqAHoAG8vdKZA8gBBagDAcgDmwSqBK4CT9DfFVWQCKeNjjmOmpFt2krE-wd_mrpAiE0udMDlxjN0PA-jxy6_lHqPyT8GCSsmn-C5b-HsFRQvAQLvDH7SaswXTw0vBu9uglH6n9lvZA4tdL34SV2nZS0MU50iZ8oq4Cs59W6PV34ckdSuCpqONb4i94RkdLQ1sPQHEvOBCpa_UnRqnkfawxlfCPd-gx0l_v5LMAJfwZWiq_qL2bQYCHp5K8uXOszK6S6hHsa_aRj2y6KKiK2Zkzuw1na5upR2CK82njQ_mWOgNhOWNEY7zduVEPHVevPo7YdN-Ld4pxkx4vrdVdOyAJiC0DQbIK-0JlL0LtUZOdIDlBC5Q0NXG69MUPlFJepuYv4Jty7LI3_ZuGHiTvIzh0O3diVvZt5Ai3DYrBcG2zB1f0MBon7ABKuV87XKA-AEA4gF4NTY4TCQBgGgBk6AB6zCrWaoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliBhfHBzvaCA4AKAZgLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJERbATw5a2FdATANgTC4gUAdgUAdAVAfgWAYAXAQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=4333914566&adk=1520105092&adf=1156386483&pi=t.ma~as.4333914566&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478301&bpp=1&bdt=1265&idt=216&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C401 0
225 B 343ms
108ms Ping
image/gif 2607:f8b0:4002:c11::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lprd14vn&c=8489128098881&slotId=4244564049440.5&qqid=CPK79cHO9oIDFQcR-QAd5ukHhQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.hv&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c11::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame C401 31 KB
18 KB 147ms
61ms XHR
text/xml 173.194.76.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-B_AC65sDqm1NBrIVqN9GnhzGO429wvSTErmFR-qqTljb6Yxux-9pQkyxaUvDdK8HYQ3CPqwv0uQKH1DS0SB6_PKX9gcQ&cry=1&dbm_d=AKAmf-Bjf85cQH8p8FXLIDNMJNGw2KtGcKzhlOsJQXollwjcL-LLGJR5vYh8EUVrahicnZS_ORDWAVHwadAVfoOFS9bo3xr1QL4xTtf5kF9Gd_QPB8eMsjCsJfycdIQkZ6lDkJSvfFu8Z_7RDn1PcFSeey6RUsKpDsLEIaHT5KC5ndVLXd5lT9dnTE7B9hAImNN0aHhz3GxVp8P19n7R4-gHUU57ztOjTaeVDQbXk7wuYEGjkQNvvVPxzogQugXdRnc0nckiScIWIOtopA3HKvF4QBuavSMpGM_j5gFn0tOMeT4yLqQNtczq15ZhXzRhV5SENNtAQAy-ALB3SClH4X_YZ7jedWFfqpWuCzVCtIPNkkmulDxpwVDxR9a3NVlX2q1xIJCjDh0-1WtNq77K7Z_yZnMdQxjBOt_e4mGrgw5ekstDAGzkIVylcK4NOGfljMQlShVQAmJqy5AwavsqT_Ai-vlaNLWSnUz55gMn6JZ_-AIv_FmHZO2I2jb66eBJF4pAnLIYP7IofKD91R9FaCjA8Tv7Etkj_LOj0ZOULxbsMvCRq6T0WtQI-lpsu5fjlPShqCR5aQjWTvj_jyVgpUQY9IlkS8KA-h4DSb4-mnxrFTKgNHK1bIMkTsBH6WzQd-lDp_gtO64w0Vi9AsfLRHAHCk_4flhcyDdl-gUUOVnaJYDbuUzsfi5jFmVnVwCynw6vwxlIOYmCX1zGpqWp9WXu7S3A_H1Bfidf-mtKCCvuMAcdAGwpH1JpIQnDV6SVH3LQEQrEPMbWz-39vjQADSqqJQS6xzX_utmIoEYLOTkYLlE0zRyaBfAmYgZ7Ymm5wPaiFzSRmA3cMvi4A2Zp6jenmkHEI_-DMGHbjb3zjkOgKJma-hqkI4ZZLA-RGr6Sjxij3JWdlCuuDDr4DDnH2yCNvwIjpSrZAyWioniCyG5ScAF5eXdIkq3dL7NEU_YVHwD2ng8q70HsxVgvYHR5k_u7dGj4YwZqjCTMbmd-9x_LqHiTKrqTdEfH6NSK4KHwZ1i-U3yLMGef3BfIGeBM9s69rRwyEukz827mGJ-3-gyLLa0QzsQR5ZdwuB6Qnw07GoBhXhQpXS454ZzNyHCb7SL198rB-ZMB-UOKfX0nky9xrTDfweY9Hx_2SwmCmiP9XzIzj-FcsRJXTczQf4pqN3jP9m_GxFKSFGHBt65kRg18fz3lBs5bCF7MyDOLdNcfkHS-nTPSjcDotNNV7Vne959s-gm6Y7h24UtE77CdYsIGqR2NYNWJrAWAWtzOlApxaAabh0Kpfxe_QwWnSY0mxmJglBtgAZp3iifACbwe_6bBzeWuL0xSLgUxHdfGm92QCfXEIGn0K_lT34GRnX8yglTIvC-vDs_vDvh4nJou1E44qPW73SlHqDuC6JvKucNHreg7Uy21lK8UtTt-r_4N4VIqV7df0mCgJz7g-YcOjmxcjiXbsf1k3UeJvYDvaur84AjP6KPhnMuBiLh3TtGgVkKAMVtHdJEmIOAx5p4fm1UoBdtGc3s8r9MbQfFxczMgTs9NjcMANSklkzVkRVWPy-xPX_0WTwN1h1aGbZh-XxB1MoIby2Gqj6zk-Axw27w86OD7lwtEqGxN0Qb_M0ixRCPcnPdN25xTKKdbOc2f8mub_xa-fBUEiISn_s2sgvGS3OHE62hxHsT69ogHGw2zZK3jBPfIKjDO7r0SysT0bqXFMIiMELH7L1kLHoAATztxdkr9t4t5fTKHqtmypXqAHPzk7fhJcOlNVLgkSGcBibTHRWkCh3llUyVVxJ2j16m7AlV63McIVWpNkoMeTvJVKaRx4gFVs_V4J6Z2QynF6c26hXjon96Xkr7KrS4mcQs8iUafmxr76IXrajXPktzwl3iiEf282P2-vL0hoFRfSUk1UTKhxZb8X-z9jxjQBrG7Q7Keg9Y7r_GthYTGimQ-7avRQ9gKDfrbSfOJECoyrTbUZ4I1XKc9Uv1S_XohpxUOshptX3VdFpMn4J7p3dFHbEI2XEqlzflDSrcfcoYqU_7m9kkjQIFJ0dqeUDr0ldRo7igqzQm3curC0_zAhUpaKuXwaEABNQZfRsdqH3f__7hr4OMQw0Qv-BifDI0vqy8ejJxTkdvBlIzfnOiQj64SHKordaB-FZ1_3gyCo3mKIAYBnoOjn34BOjByrA6jkv3-CybNH25zRHrgpn7VxQmtu2yZXOx6KRH2Y-siBIzW1pROxC8zZr7Oinba5y5a7EikDL62z6Zr64aU48jCqIigr0XOnkhQHDo0UDeNPdysISWIVEsHSuhIIebJ9YC894FejkSf4cPja5gb1b7HcvOf1HyVgDCJ2P8IrTlB1DDaGaXXc8ChWwJR0_-OHxchWvjoa8hgsA2ToH2eDB99L1G8O1bZwWfRhBJEwfNsK6zJsuk0XV0lTq-Ik0e0mUDE8D-SM2ailJJd61PYJExj9xiYDZHZE_88cU7MgcDDGJWzuwNrsLznWvTnHwf4vQRZp3HYaLXcUVe60cp6QCdHMRvUdjSmVhpqelxuQkCE0hJUidicdYb-7xISHqhlu_CRBJm9U4dqjFBEDSrcYEEzY4LberksoACBs3cJfkFAZg5P79f1D6CdmqI9AzL4EkVkS5g-Meo_DApmQV-WWTFdEc74f2quvTqMYfG-R85a-UWdsYUtF4H0FhZauCAkx5eqQT1aQmUtoLwE87zwADqbtIVtBTFZ0mJe7r4CdQqOX2hPiWlwXsSqRbNxxpEmkhSrq-tzlpv2Czd4bgqNTbZ4a7oW5vjX2_46Y9q0hXYpc5K6QP5y90MCKK06yoJTd9gbsLBnxx9r4R0PRQzoqkwol5uTVRqAl6qQ95ouUIcxLJoj08sqPC6R2qfrD_Ki89N_4xAPQnhrITB-4r8q65RpFynekD4oFvls2EPblIsSbEJsxms8NssPammNsSEIxIE7n2_RtYN5G1iNjJ_etKrGi7V_21oZbrbLBksE_OHhzm8kKdD548EJUtK6UCR-7mIDAGh5OGvYn-aXBUC_nn78kis9s4kZQSpyKc4SHrc-w1aev7Er_dNBZrpnxO249swVg0c0xEnCki2qHj9fMv7ibGo0pST-hOS6UZTZL-dDfO-zrN1N1G7J74-bMrDROKbr7kw1r3O77FSP0_4NTi2a5O5ws3CPJYqOUJDshDxZ_uNtcGGRWC1YfQcpPHA9P87-tK_YSKII4Ymqb2eA2hDNfBRlQt4C-MHl2vEaahKIl5oFUfO0uq3QZu1nMLfWYk42_LrZdy81HJjdRDKoqjEUWdWMiQljAnUuxjr9uBXdklVEnCifI0FQMuOeQLY8n7Ys5GWUYPzxQw8qyRfFwDE4Kf1aGoXDSBChdkHJ1Isy3QB9pw6T1hhFDdp99GeoKvJhQww3BNxgMOmpDSd0NGpEkBhRKGvGkhRZU4pAhAVyrQX7x9fUIFxW2WnrDeRw6DO3jeh5FAKvLiWRCV-xBV9qB_zqIn-XTeITzb7Oa118KAMytLcKqmcnp-2mHdXoizUcYgek4EErwxiFlOW9w3RLBgi7d6DywlQ0Awg_ssbg9NEdb92PVOlHGKp568yMJYJjpJJS6q-jRdBeNP3e3K915hcu0gHSg1M_teH9VU100Sf9LgACiv5H9f7v3MJNTMPDckAihJWQSRi4OW06TanTnWJ6-FR81BOchGBxLFefqX44YNdYyUIWlN62-8dTjtHBlylMOh11KEElVDeWjIu98V3A8Yz5OEuTABddbBqZnAeWJfSPDckyen3O6ESwlW8_BQPcu6i3Ri4o3Rx8yWqCRahId1-5XtmVUNY19w&cid=CAQSTgDICaaNZMTLxJbjUV-l9NqaEd08KoZthX_bYjzS3m-xJ4TBPDTrQBDznNjbmEYIuD3Ob1ZQ54upGi6SvnBvXpKjuiJdBml_6n9lnAGzuRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f156.1e100.net

Software

cafe /

Resource Hash

502a108cf58864ad89b2f80c3b31b78fa81b528971a739ed26aa4fb3d2793d0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17649
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5A28 0
45 B 321ms
110ms Ping
image/gif 2607:f8b0:4002:c11::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lprd14w3&c=5977401285216&slotId=2988700642608&qqid=CPTf9cHO9oIDFaYt-QAdfDANNg&fb=outstream-lima&sei=44752538%2C44807614%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c11::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5A28 15 KB
16 KB 76ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 272718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5A28 5 KB
5 KB 83ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 80986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5548
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 21:54:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5A28 15 KB
15 KB 76ms
14ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 197250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 13:37:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A28 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C2SvihjVuZfSEJqbb5LcP_OC0sAP8tdGpdJGznYy0EujQ74CZAhABIM7OhmhglaqUgqAHoAG8jo7uAsgBBakCX2hh8Nc0sj6oAwHIA5sEqgSjAk_Qo0ZHej7PTtefBF62GQqggYAA9-ij_eSBDZILVHbiXWIOm0gDiOw5FJP3H9yEwzNzxJ73iTdE55EQWWyFmBz0Y6ctjtBNKDswL6ujIOllB6bYx18FP5Ph0NZwCje--8x-LbZNQrA_dxDt5JRbF_OVk4BpoXxBXX5K6wXf9GkVl9Gf5wfKMo8rzpAe06Yriy1nVCpgACwcP2aW1_17o-ysH6xI6mtqrXZKdryzk7Dxib2QCvXf4HSZt2rOAXBCAOgkbZNDsYqbtUsBeYVgQhGr5RshXRCfjJrAABEHGvmaW2Xzhanx70oBk4SuDJDJjZX_SCw5lOocP91izHBKCtcIi11vl8P0qa4TTSLI8Qe6owTnkmMoTx7e9TWeH0U_Wklc4MAE7biz4LgE4AQDiAX1k6G3TZAGAaAGdoAHrPHxkQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljFnvHBzvaCA4AKAcgLAeALAYAMAaIMFCoSChDktLEC7rWxArW4sQK7u7ECqg0CREWwE4CvyhXIE-Xfi-QD2BMKiBQC2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1701721479188&ai=C2SvihjVuZfSEJqbb5LcP_OC0sAP8tdGpdJGznYy0EujQ74CZAhABIM7OhmhglaqUgqAHoAG8jo7uAsgBBakCX2hh8Nc0sj6oAwHIA5sEqgSjAk_Qo0ZHej7PTtefBF62GQqggYAA9-ij_eSBDZILVHbiXWIOm0gDiOw5FJP3H9yEwzNzxJ73iTdE55EQWWyFmBz0Y6ctjtBNKDswL6ujIOllB6bYx18FP5Ph0NZwCje--8x-LbZNQrA_dxDt5JRbF_OVk4BpoXxBXX5K6wXf9GkVl9Gf5wfKMo8rzpAe06Yriy1nVCpgACwcP2aW1_17o-ysH6xI6mtqrXZKdryzk7Dxib2QCvXf4HSZt2rOAXBCAOgkbZNDsYqbtUsBeYVgQhGr5RshXRCfjJrAABEHGvmaW2Xzhanx70oBk4SuDJDJjZX_SCw5lOocP91izHBKCtcIi11vl8P0qa4TTSLI8Qe6owTnkmMoTx7e9TWeH0U_Wklc4MAE7biz4LgE4AQDiAX1k6G3TZAGAaAGdoAHrPHxkQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljFnvHBzvaCA4AKAcgLAeALAYAMAaIMFCoSChDktLEC7rWxArW4sQK7u7ECqg0CREWwE4CvyhXIE-Xfi-QD2BMKiBQC2BQB0BUB-BYBgBcB6BcF

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5A28 0
45 B 316ms
109ms Ping
image/gif 2607:f8b0:4002:c11::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lprd14wl&c=5977401285216&slotId=2988700642608&qqid=CPTf9cHO9oIDFaYt-QAdfDANNg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.if&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c11::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 5A28 32 KB
18 KB 247ms
187ms XHR
text/xml 173.194.76.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DeBfEd0wpFmtRQtV1uVN4WRvE-1Zd1f6Q0d-lUpRCvUPufZTIQpNtB3neIvldCwuS8ojBt0qB2AVxWx0diDnaVlXYzYg&cry=1&dbm_d=AKAmf-Am_nxWvVanUFKvn84z9gmfBQvdm6vchM0envKnszng2ru0Jk6gHkCrZOe3kEZ58Ej0PQnUve4xkbd_erJATehrEFIH0dt8Ry1gQgktB2Z1_IVHU-PlU93N1Hm006qndp7ndGp5wjiQj8YKmB6m8osgp6rPNFIJn7AWg27CyVwUUfSqwELx8Ms5BUPmE09dXvj1YHnh1cyzWA6HrMm5dshUSUohCQxcXPal2vg7ZRMTuKgHRlBklmt8CHOXnegnRVjWux9VevPUbfb7qFpgLhHQ7ooxgoDoJ2gLU5C3Bg-IMED5U5Xejs8-FluWZfs2IsdhbXAzdImNEPt5n-szBn1G3pCoypnGkE6v1M1twLns3Gq-M-EsW-C9coCtbXJ9b5_LayUg9Lm1m5KltpJ7RSp4zAYGmSrhQRFKv8hCml34ZosCdgPILUL0TGjmiGqY-3-f6DDvmW9PFn-x_Kvjr483c3sl-mrCx-m3z_6BJcoQtTz7N_yEx3EUyZ4dkMy1yl242YhDdtwVEpGZJ_RFU_Jz6mhd_5rhjm4sCh4sXxL208490UTmxoE-eBN07qDFBraVXU-_EszobgiutiyfxyanctLVZGCZEsLHP3HohMf9WIXIfWlhgUmKQsE-ZhNOBiQ_-FX740Yhn1trn-5U2dYV2_zMnjS4RUygGvkLwYylJWuKm4IEQOAf_j1eVVe6AXsVI7yvVr4UNT5zirtSj27g3124d7QMQjyZZ3s4ZHYuFEnpbqqtaT6BiK9tD-ynSskIh4QTkxx4Lgo--3QAPdAiHdeqEUIkUAHXYq6suqaz0A3oKO-MffGm-ZPBvFlZ1nYyAPSSymeXfq0MWOtHnElt7BbcMXQFh8Ar4mlRP9rtkprjgJL-WEjZ0eHAhBieidMF9jpFz5wuxTZl99gBsdvbv1B8ZWwlMVp9qJI1fgk_8F3eukAeLa8a0pXjLLyGhTMtv322aOO4_sbql2aAXqv8Do081O8_0i20EEo_1dXm4L2vkUi3buoGclYF8sXYpoY_wYSP1sF8uEldwSco1IVxnDFgiKmiiCbVD3fWfO2R9GHxWE5XsLKquTSVajUK4YiQyU5dB89cdd3Rf_88C34wiK3zuOWXdcgr7xpk3rqnRe-5Xg7y3eLPzIXbFgsK0gzMwd99rqeJVnPgU12EGgvZkVW6tt6w8Xxp8GLGTUSIRrcEfRJ2oo0AZzh6UdEp54PF5yAuV3yH4tsl3u-k0zkEo6IJ2C7Lw7DYx0Iy-ORQl8NZNjyKf_6KT-yit2jMDZknfDswYuYzlPqNBrQV_rpodJ_Iah24hl2cMcaE7WWpWjcYOGgs7P-nOcgswBZqkiMbcrE5oohNhED5zcElmHkc65ehH6NS2M8WXT4MZ9f6k6CW7e19nvzUPuT70bYiNemeR3bdd1rc2eJ4LEduax5vtC5X_R5AJ6L_nEIBliug3F1rb7kbUnCUaUw5iQRC_4PKdHSYuqST21WzY8yF6cIvRKew3EMn1yEoF4XLCV_kAWoxGoupKTWp1uLqgABDILcgPWdgbyAUptHAfFe5xl6b96At1lipCq-DjcLR8n4L3fPJDsfBL4SpritPpYQ4Gj-f4Nw455YwvpkDm1c94uQ9oaPfs7mRioOalnmwuOexv6tW1kpEf06uJBO2T72k2uRKW4v-CQ6qDXKIjdOGmUAUKscDNnnXTAjY86ELhMmMoWcmfpLK26I28ebuYTZ4EYADo1seK-hxwg9O_9F1oPI3NR2ooDP8L7JxcpOzVsoZplq4iD6MaXeKr0RmxeV_DtOuvMLHDseAS1XXfsINfCsYgvrrcTuUG0wKarAXyhYQV36ZBg2rkq6YfjaiWGFGKMqqv424AoBRBbA6Zjwr-Ezhg4PiRCCoBrt37XmlbyIyOm-5_ZfZ-A3sI0H3UQXOVsrmrWyOlo6d0l7qePsCMR24Qv8lY0pv34trY4AY999TtBzUvf0iGp1diTjMs3Y4J5AxS2GJPjwoS-xRDem_XOSA0MZKm4BKV-lds5YiW8tXSmPqgj-N3xLGSqvOo1W9y0gYUiRknExL4ocIH314OVaHeIK42MUEI3N6l7y8DnslmaGVdZtY9EzluLOGnqV3XHO5HZteL-sXrfjdSEWznkF9DtWTZssXLWw8hN0I4CT_GRvR02yP0M1-2wm3UxFyConfxLWKleN_zTf2FxXNA2rDW6pGTkLzoqyr0VWQ1MJosf0idYV2BKACshMPDw9pfO4uo4kfs5LHED05lksW5LN8Xmpo_9vmBPHeeeEbLW7HBs34bKur37zdchpks6s8-ZXX3G5564_E-hFiyl9-y338SWOHfPHO8bbww_CORxjZhtvH8j9JhsQVfDnkr9c5VJcGLm2suIulebglDWlaLri8bJ3iXEI03B3YTJK-ngTROkJJ7ebpFuYbIDZvWeydhEDDyhmhLCfb-bZIEmf5Mptc95Yjgy2r4ActEZQSvL4U5fWMSMygGsyASBsH9PcJilttcb6yO1M8qPuBtL5IiB6L4SbDve6g9fQCMxEqDagjVOBFuRtpvpwHG_OlwO6qXlgZP6F8oj2PpLfP7q2iBgE37IqmhML2rYwDa6ARFnoEd0mKS5MRlHwhbmc83K_t4f-9o8hfp1l6KS-jZMtw7fA-PsIELbtP8aJgVi4mS_NZNqf6nobSKPa4qA3AlRpYFqaJxVEmGdSgKHvw7ivZIp65ntZP4TmccSXHZT-fos9wn89Cj1SBG1lMMKMI4gue0l43-A9dcvK2oqpsvk_H-6jmD0rNkC5tEpDdY-7coYtdxwy7EDMOK7N16r4REfcSSYWzoTBCmgJEWkdU1PSjamH3umkoufErjTqpTe91Fx2E7kvdtiGjQ9PWMHEtt62giaCXWUbyBtEnmfLpc9ConWq1e6jxqgO211s73oGuZPLW7F-DE4M_eVjNDdA7GS--y5uvGK1iXsWO8_pSTZ4Jbz5KWnPwBJy3Kz8E_MijnmqlQaX9MYBII44JoLEeUdBd85kxtQrd4NvtQ7vO4mnn48xygsUaquIdb8z8_28mmBFJ8wNLcGneilfYiOM9z64iPAqzQcS83ddd4NJa_fKDtbyJS0JG_Srh_NdhG8Hr60mHoOnNnGX31XyhcOSHEub9WysnL3Be3yyvyN0nwp2p2bRyf9TPGkM_lynd8zkCSYkYtoXm6pwGhnngSqH8XeEvMQZTHwL1YMOscwQ4n-Q6PKRfdkhVHAJnM5z_8SS_9tuOXGhtDYzxieyFdm1Py0TC-3Lod5Au1VmiXvFOd9VOU1da5za0zv0xa7ejRX57LZVBTe5vSs-dLo379sqUKDxu0XlNsVoL0CIc7xVruvjfKqHgDS0qlef-EKTEgCvSJUaLAF2nN6cH_vT1lbwDtHK1KYbNSyPdI6bFTUGGPW9Oae9JSlYOWu3p3So17Dv-XGwOeHh53w7xWPL_oDOrmSZ7s2tv_muFFHw5o1HporHUcLQk7R8TWLpxtH2Ofk3H9XFZkxALS4Y8hgSvuVe0o8BS-7EC7i3hkD3a0NTXQ1x5iA6XYWwHOWb1cZF1FzbaABzWmQwPvYAG5U5rLSB-ANLuR0-ISq2Ce4LOgJqK8un7hKl7sgF6j8Tc42Zdq7V73QiN5pch6iPbGISN7v6AageXENbdBjBFhjUIL23KvP9c3ljR-wxStZs3x-wNFzcKfj4odkKSToCvWjxAMK3K5tlZlRIOzYjVgdN2veNLGWrstjm9L58T2_fUxpa-C_REDBVmZ1BKrfyKq_7R3hr6Yu26kwP0trlCq0HijX-uXKbqXpe4ENkaJvibeLgxYerYVEHarlNRjxe_vFwg8DE2wQ6x9RvrvNXYQEnEYHukUhS2yvcgQH4Wp9Kh2wkm8n6XQ24SBkJ8uGaElU-vQaA9JC-HG5zSrdnvQQJ1wuWDANszOICXqVURD6TW5RSYLodDcQcrv67IVTgg6HyYNoKRW3k-3tK2fvp71xlBwS6FIh4DDzzBZ4tZ-6kgygOQfYKGm1uYHpB_Nq_7JyQ4vxa7maTiWi8t4B93UBp3qWkolm0y6d2IfKQ5AlzCXx2X3mEX2zMm8ummVREpFjum94hAgReU38OoUgqtSaPlWju_3dGNgurA8_hcMVgI-mBgC8MigN2UW-JXu87xJp_YANvITVI39zu3ydFT5eX-GBP2qfFAXuOxUpys7qwYRQ8LEBwvRZnOTyltiw4tGC-pOb6EqRG9sGtRLSWb_onPzilkMv5HH4_h5KQ2BRDHGKaZ5LORgqmH9dwpxEIaJG0CM80f0x8VIWvcI9yctIoaMD4DKkfR_axikhBG5rwKdNhpH_8MgCj93xMTQepXimeqFIbO6JFrUhej9WDPW4IHd89wDbNrdNRRjoJq6aH3dgfCpDQFwzkP7xekYA8ZLr42asZUIY9s-PBsRc-yudXxFg5sAGxhblkcU5YkRC27_A3WUN8ZehVsNR8IglmpwxGRIlkjaHfDjKD_OSXslY5Y1t7ZSCdnX53p5bbVx0uJrySVNbZyaj5qkIL3jgdv94ujjbnWUgmq8rOtfthao-B4GBVYRl9DZmr9j3U0CL-1Zao1VjCYOqjQJ-N5f6DEg1NLx0rJyz--G9nQhldFmdQNP3xhPs9wkCydK2ASkJLjcd5kxg1Bk8S-zzyZMhzl-B1z_Jg_Qzk5fZY868zBhH6BgJIg2tBTkeTedrqQ95K4BbIMvq7fnI6tbhDhWUs&cid=CAQSTwDICaaN-TSgOV_0VYqDIMdZxigUDBvjfqfVMoGsG6Dxq4pXXMob_6WIUdjswLTmxg8wRyHEMVwaCqJEuZB-ENRocqbSnXieCZfqnK-KRrMYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f156.1e100.net

Software

cafe /

Resource Hash

28676f932a88b49b887aa01f46bdfb2f7acf54e14339286b0c05409c249ede67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17744
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame BAA9 0
45 B 310ms
109ms Ping
image/gif 2607:f8b0:4002:c11::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lprd14w9&c=3016071567961&slotId=1508035783980.5&qqid=CM7p9MHO9oIDFQsu-QAdISkMDQ&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c11::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BAA9 15 KB
16 KB 71ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 272718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BAA9 5 KB
5 KB 74ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 80986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5548
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 21:54:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BAA9 15 KB
15 KB 68ms
16ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 197250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 13:37:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BAA9 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CrfI1hjVuZc6OJYvc5LcPodKwaPy10al0kbOdjLQS6NDvgJkCEAEgzs6GaGCVqpSCoAegAbyOju4CyAEFqQJfaGHw1zSyPqgDAcgDmwSqBKICT9Dz9_iUGY-NNtv8gn-McDqcN1rYlaGrrHUT6TMpFOTYKCeI_jad1XaCtozsZyASZiKgib8qtxN1W43NqyntOyvTDI5573tXZD8OiAwc0Jxvu3-ixJa2X-XWk2bY3sMvOqu7pySmLPkZe4GjScz39kjVH3MJftQqrpzpej-ZFsBSdMc13MAF48HegrcnYJ88KJm473CHO3quw9Ojpb6rLI68skniqSi5mWvZkzu28fbqqMhEZTTbu-0ZWzVrxeedA4ecyKMBEzTwYwBP2Ttgj1FNikxm5cSGUbf9hgqNqpAROinsY-Fm4ViNjycm-BZfDExmz2gUcPbVqIuOErlC8JhjtOSEDagjk3HAhXEZrZdvxcXScZGKc_AblDCkmUJDHHTABO24s-C4BOAEA4gF9ZOht02QBgGgBnaAB6zx8ZEBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYi6fwwc72ggOACgHICwHgCwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATgK_KFcgT5d-L5APYEwqIFALYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1701721479199&ai=CrfI1hjVuZc6OJYvc5LcPodKwaPy10al0kbOdjLQS6NDvgJkCEAEgzs6GaGCVqpSCoAegAbyOju4CyAEFqQJfaGHw1zSyPqgDAcgDmwSqBKICT9Dz9_iUGY-NNtv8gn-McDqcN1rYlaGrrHUT6TMpFOTYKCeI_jad1XaCtozsZyASZiKgib8qtxN1W43NqyntOyvTDI5573tXZD8OiAwc0Jxvu3-ixJa2X-XWk2bY3sMvOqu7pySmLPkZe4GjScz39kjVH3MJftQqrpzpej-ZFsBSdMc13MAF48HegrcnYJ88KJm473CHO3quw9Ojpb6rLI68skniqSi5mWvZkzu28fbqqMhEZTTbu-0ZWzVrxeedA4ecyKMBEzTwYwBP2Ttgj1FNikxm5cSGUbf9hgqNqpAROinsY-Fm4ViNjycm-BZfDExmz2gUcPbVqIuOErlC8JhjtOSEDagjk3HAhXEZrZdvxcXScZGKc_AblDCkmUJDHHTABO24s-C4BOAEA4gF9ZOht02QBgGgBnaAB6zx8ZEBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYi6fwwc72ggOACgHICwHgCwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATgK_KFcgT5d-L5APYEwqIFALYFAHQFQH4FgGAFwHoFwU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame BAA9 0
45 B 306ms
110ms Ping
image/gif 2607:f8b0:4002:c11::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lprd14wv&c=3016071567961&slotId=1508035783980.5&qqid=CM7p9MHO9oIDFQsu-QAdISkMDQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.j5&vast_v=4.0&vmfc=11&vhc=0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c11::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5lzney.c.2mdn.net/videoplayback/id/47d36780c3b4e159/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733257478/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame BAA9
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/47d36780c3b4e159/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733257478/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r1---sn-4g5lzney.c.2mdn.net/videoplayback/id/47d36780c3b4e159/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733257478/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

66ms
8ms

Fetch
video/mp4

2a00:1450:4001:1b::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lzney.c.2mdn.net/videoplayback/id/47d36780c3b4e159/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733257478/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3D6E119C1242DFD03FD14DC61B4F3D5607EA3D8E.71B589A4984B2DD18B6B9C388CDDCA802DE48AFF/key/cms1/cms_redirect/yes/mh/q-/mip/2a01:4a0:5a::10/mm/42/mn/sn-4g5lzney/ms/onc/mt/1701720247/mv/u/mvi/1/pl/29/file/file.mp4

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:1b::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 20:24:39 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 6022235
Last-Modified: Mon, 20 Nov 2023 13:06:35 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 04 Dec 2023 20:24:39 GMT

Redirect headers

date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 644
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-4g5lzney.c.2mdn.net/videoplayback/id/47d36780c3b4e159/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733257478/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3D6E119C1242DFD03FD14DC61B4F3D5607EA3D8E.71B589A4984B2DD18B6B9C388CDDCA802DE48AFF/key/cms1/cms_redirect/yes/mh/q-/mip/2a01:4a0:5a::10/mm/42/mn/sn-4g5lzney/ms/onc/mt/1701720247/mv/u/mvi/1/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C401 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ed88873006c9435e8b054d445f647e73afad5fe0df02636bed3f9a689a19c5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5A28 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15d9597c95c96bc8fb99e9347ad55be9171d6bb50026a032171b0b77f5bea929

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BAA9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34455c2915ed5879e7a5b8c27b5bc17fe3c7cd320154d33ca736c6d6b9f0b966

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 16105690184334946219
tpc.googlesyndication.com/simgad/ Frame 91B8 65 KB
65 KB 12ms
12ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16105690184334946219?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmXhUP3F64jIaB3fcIXAL5OjVTW9Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=6974737383&adk=1757034124&adf=830462564&pi=t.ma~as.6974737383&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478247&bpp=1&bdt=1211&idt=235&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=589&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=237

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4db1498122d70c1d19ed25877bd48915a28685d171ee00a451d98d975c5be06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:28:37 GMT
x-content-type-options: nosniff
age: 3362
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66726
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 10:05:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 19:28:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 91B8 24 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 12:23:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 91B8 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 13:51:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 91B8 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 91B8 202 KB
64 KB 75ms
47ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:39 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 91B8 36 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:00:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 20:00:45 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9E7D 143 B
166 B 11ms
8ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=6974737383&adk=1757034124&adf=830462564&pi=t.ma~as.6974737383&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478247&bpp=1&bdt=1211&idt=235&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=589&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=237
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:04:21 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 160 KB
55 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c5126e8f47730475e6e5c43726efb65cad3a3c0967e8c981da8f93cb39a0923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55940
x-xss-protection: 0
server: cafe
etag: 9823698694870765081
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C401 0
0 47ms
47ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcyouhjVuZfLgJYei5LcP5tOfqAjwgJm0cZOn3b-CEquv8-X1ChABIM7OhmhglaqUgqAHoAG8vdKZA8gBBagDAaoEqwJP0N8VVZAIp42OOY6akW3aSsT7B3-aukCITS50wOXGM3Q8D6PHLr-Ueo_JPwYJKyaf4Llv4ewVFC8BAu8MftJqzBdPDS8G726CUfqf2W9kDi10vfhJXadlLQxTnSJnyirgKzn1bo9XfhyR1K4Kmo41viL3hGR0tDWw9AcS84EKlr9SdGqeR9rDGV8I936DHSX-_kswAl_BlaKr-ovZtBgIenkry5c6zMrpLqEexr9pGPbLooqIrZmTO7DWdrm6lHYIrzaeND-ZY6A2E5Y0RjvN25UQ8dV68-jth034t3inGTHi-t1V0-oBAndDpl2yb160DD-854rv0KZCBSnvR8WfrmhaRU8M8tfVSg0loHYNUcEW5CxMV8crb5tu57DsgIvh8ymmAhg2LTIAY8AEq5XztcoD4AQDiAXg1NjhMJIFBggbEAIYAZIFCggiEAMYAUj3zw-SBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB6zCrWaoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChD88gYY0rDF_AHSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIGF8cHO9oIDgAoByAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxArATw5a2FcgTo66kB9ATANgTC4gUAdgUAdAVAYAXAbIXHAoaCAASFHB1Yi0zNjE5MTMzMDMxNTA4MjY0GAA&sigh=7qdOY9guNqQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNZMTLxJbjUV-l9NqaEd08KoZthX_bYjzS3m-xJ4TBPDTrQBDznNjbmEYIuD3Ob1ZQ54upGi6SvnBvXpKjuiJdBml_6n9lnAGzuRgB&vt=10&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=4333914566&adk=1520105092&adf=1156386483&pi=t.ma~as.4333914566&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478301&bpp=1&bdt=1265&idt=216&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=4333914566&adk=1520105092&adf=1156386483&pi=t.ma~as.4333914566&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478301&bpp=1&bdt=1265&idt=216&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=218
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Dec 2023 20:24:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5A28 0
0 48ms
48ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVzQkhjVuZfSEJqbb5LcP_OC0sAP8tdGpdJGznYy0EujQ74CZAhABIM7OhmhglaqUgqAHoAG8jo7uAsgBBakCX2hh8Nc0sj6oAwGqBKACT9CjRkd6Ps9O158EXrYZCqCBgAD36KP95IENkgtUduJdYg6bSAOI7DkUk_cf3ITDM3PEnveJN0TnkRBZbIWYHPRjpy2O0E0oOzAvq6Mg6WUHptjHXwU_k-HQ1nAKN777zH4ttk1CsD93EO3klFsX85WTgGmhfEFdfkrrBd_0aRWX0Z_nB8oyjyvOkB7TpiuLLWdUKmAALBw_ZpbX_Xuj7KwfrEjqa2qtdkp2vLOTsPGJvZAK9d_gdJm3as4BcEIA6CRtk0Oxipu1SwF5hWBCEavlGyFdEJ-MmsAAEQca-cJah6mN0yHd2K1DG9r9D5d9b6OM1hR9ZzDWeBjoeukA_hAPvI3LByxxgD1V1wNkK1MM3cm-e4aqmaoEX1vNErCjwATtuLPguATgBAOIBfWTobdNkgUGCAMQARgBkgUGCBsQAxgDkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAes8fGRAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEKPpCRiSzfn-AdIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYxZ7xwc72ggOACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxArATgK_KFcgT5d-L5APYEwqIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItMzYxOTEzMzAzMTUwODI2NBgA6BcF&sigh=Gxawy_yPEKo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN-TSgOV_0VYqDIMdZxigUDBvjfqfVMoGsG6Dxq4pXXMob_6WIUdjswLTmxg8wRyHEMVwaCqJEuZB-ENRocqbSnXieCZfqnK-KRrMYAQ&vt=10&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=4348574046&adk=838291846&adf=1840397986&pi=t.ma~as.4348574046&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478306&bpp=1&bdt=1269&idt=220&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=223
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Dec 2023 20:24:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BAA9 0
0 46ms
46ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgAoyhjVuZc6OJYvc5LcPodKwaPy10al0kbOdjLQS6NDvgJkCEAEgzs6GaGCVqpSCoAegAbyOju4CyAEFqQJfaGHw1zSyPqgDAaoEnwJP0PP3-JQZj4022_yCf4xwOpw3WtiVoausdRPpMykU5NgoJ4j-Np3VdoK2jOxnIBJmIqCJvyq3E3Vbjc2rKe07K9MMjnnve1dkPw6IDBzQnG-7f6LElrZf5daTZtjewy86q7unJKYs-Rl7gaNJzPf2SNUfcwl-1CqunOl6P5kWwFJ0xzXcwAXjwd6CtydgnzwombjvcIc7eq7D06OlvqssjryySeKpKLmZa9mTO7bx9uqoyERlNNu77RlbNWvF550Dh5zIowETNPBjAE_ZO2CPUU2KTGblxIZRt_2GCo3ykfNgIZaz0_RNiBL71rmm5qVQiJzigZlcH3DSr4Sxs2voHIJWuEDVcA29aTVO5DVEOLbr6crfdA0HAXFR4vMWu8AE7biz4LgE4AQDiAX1k6G3TZIFBggDEAEYAZIFBggbEAMYA5IFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHrPHxkQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChCbnAgYks35_gHSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIun8MHO9oIDgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECsBOAr8oVyBPl34vkA9gTCogUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi0zNjE5MTMzMDMxNTA4MjY0GADoFwU&sigh=5sVcCDtiTJg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNJj7pgFw_8ckCMdeZ_j5oEKQwBQuHsjtU653Cxcpej-oRLAlIPRD3VjnJxlKbdzpVRcDyKYAmbA7RWeqIK1Zmrq0RkLshkTzJhU8YAQ&vt=10&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=7646435628&adk=2965064849&adf=417458676&pi=t.ma~as.7646435628&w=820&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=820x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478294&bpp=1&bdt=1258&idt=216&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C820x280&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=219
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Dec 2023 20:24:39 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&hl=vi&pvc=28292592341068

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C401 0
45 B 185ms
110ms Ping
image/gif 2607:f8b0:4002:c11::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lprd14vy&c=8489128098881&slotId=4244564049440.5&qqid=CPK79cHO9oIDFQcR-QAd5ukHhQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c11::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame C401 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 22:32:49 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-4g5edn6y.c.2mdn.net/videoplayback/id/9ab2844aa052e94c/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3843214695/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame C401
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/9ab2844aa052e94c/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3843214695/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r4---sn-4g5edn6y.c.2mdn.net/videoplayback/id/9ab2844aa052e94c/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3843214695/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

66ms
7ms

Fetch
video/mp4

2a00:1450:4001:f::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5edn6y.c.2mdn.net/videoplayback/id/9ab2844aa052e94c/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3843214695/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/294F956F91EB191FB47DF4E23B25EB5DF3ED597E.3485EE31A1A0410F564BE5C8E9E9717118ECD054/key/cms1/cms_redirect/yes/mh/RB/mip/2a01:4a0:5a::10/mm/42/mn/sn-4g5edn6y/ms/onc/mt/1701720247/mv/u/mvi/4/pl/29/file/file.mp4

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

HTTP/1.1

Server

2a00:1450:4001:f::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 20:24:39 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4304974
Last-Modified: Tue, 31 Oct 2023 15:35:53 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 04 Dec 2023 20:24:39 GMT

Redirect headers

date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 645
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-4g5edn6y.c.2mdn.net/videoplayback/id/9ab2844aa052e94c/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3843214695/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/294F956F91EB191FB47DF4E23B25EB5DF3ED597E.3485EE31A1A0410F564BE5C8E9E9717118ECD054/key/cms1/cms_redirect/yes/mh/RB/mip/2a01:4a0:5a::10/mm/42/mn/sn-4g5edn6y/ms/onc/mt/1701720247/mv/u/mvi/4/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 91B8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68c07d87bd0729b566fb75502a5849862d04cdf5d7efd7aff874e14cba67ac9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9E7D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
33ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:39 GMT
expires: Mon, 04 Dec 2023 20:24:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:39 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame F241 23 KB
8 KB 9ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 255503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 21:26:16 GMT
expires: Sat, 30 Nov 2024 21:26:16 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame B68A 14 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=8412722389&adk=3910651328&adf=1651184481&pi=t.ma~as.8412722389&w=1200&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=1200x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478234&bpp=2&bdt=1197&idt=241&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=245

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 19:24:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 20:24:39 GMT

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame B68A 225 B
249 B 7ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:44:05 GMT
x-content-type-options: nosniff
server: cafe
age: 38434
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Tue, 05 Dec 2023 09:44:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame B68A 2 KB
822 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 12:24:12 GMT

GET
H2 400 data=YDss0CWvj0zs6SPfO4u1l9kK8F2UGREaAJi4c7Iyefgn8x28Dqioa9u8HELt0Zo-c9A0zYQDmJlstV2BPLzb_6sTV7C2s0upviHYh_CDkeJlAyB6aROemuIlmA
mts0.google.com/vt/ Frame B68A 0
0 77ms
15ms Image
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=YDss0CWvj0zs6SPfO4u1l9kK8F2UGREaAJi4c7Iyefgn8x28Dqioa9u8HELt0Zo-c9A0zYQDmJlstV2BPLzb_6sTV7C2s0upviHYh_CDkeJlAyB6aROemuIlmA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=8412722389&adk=3910651328&adf=1651184481&pi=t.ma~as.8412722389&w=1200&fwrn=4&fwrnh=100&lmt=1701721478&rafmt=1&format=1200x280&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721478234&bpp=2&bdt=1197&idt=241&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&pvsid=28292592341068&tmod=1272974720&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=245
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame B68A 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B68A 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/ Frame 1FAC 9 KB
4 KB 13ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 02:32:32 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 02:32:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/ Frame 98CE 9 KB
4 KB 9ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 02:32:32 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 02:32:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame B68A 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 12:23:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame B68A 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 13:51:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame B68A 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B68A 202 KB
64 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:39 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame B68A 37 KB
16 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 20:09:22 GMT

GET
H3 206 file.mp4
r1---sn-4g5lzney.c.2mdn.net/videoplayback/id/47d36780c3b4e159/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733257478/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame BAA9 1 MB
0 361ms
349ms Media
video/mp4 2a00:1450:4001:1b::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1b::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

expires: Mon, 04 Dec 2023 20:24:39 GMT
date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-6022234/6022235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 6022235
last-modified: Mon, 20 Nov 2023 13:06:35 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

POST
H2 204 csi
csi.gstatic.com/ Frame 5A28 0
45 B 112ms
112ms Ping
image/gif 2607:f8b0:4002:c11::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lprd14wp&c=5977401285216&slotId=2988700642608&qqid=CPTf9cHO9oIDFaYt-QAdfDANNg&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c11::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 5A28 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 22:32:49 GMT

HEAD
H3

200

file.mp4
r1---sn-4g5lzney.c.2mdn.net/videoplayback/id/47d36780c3b4e159/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733257479/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 5A28
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/47d36780c3b4e159/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733257479/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r1---sn-4g5lzney.c.2mdn.net/videoplayback/id/47d36780c3b4e159/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733257479/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

238ms
237ms

Fetch
video/mp4

2a00:1450:4001:1b::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lzney.c.2mdn.net/videoplayback/id/47d36780c3b4e159/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733257479/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5013D3659A18632452144737C0F23A12FDB2512D.41C6096DEC2327EE2515F0CFC45989CB0490C417/key/cms1/cms_redirect/yes/mh/q-/mip/2a01:4a0:5a::10/mm/42/mn/sn-4g5lzney/ms/onc/mt/1701721301/mv/u/mvi/1/pl/29/file/file.mp4

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Server

2a00:1450:4001:1b::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
content-length: 6022235
last-modified: Mon, 20 Nov 2023 13:06:35 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: null
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: null
expires: Mon, 04 Dec 2023 20:24:39 GMT

Redirect headers

date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 644
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-4g5lzney.c.2mdn.net/videoplayback/id/47d36780c3b4e159/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733257479/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5013D3659A18632452144737C0F23A12FDB2512D.41C6096DEC2327EE2515F0CFC45989CB0490C417/key/cms1/cms_redirect/yes/mh/q-/mip/2a01:4a0:5a::10/mm/42/mn/sn-4g5lzney/ms/onc/mt/1701721301/mv/u/mvi/1/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C320 201 KB
58 KB 179ms
127ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW41hgAIphsA-QQdAAPixQjx66h5uVcPHgX0eg&u=%7Cz%2FL6JJIkj04gPET%2FDlrbXlxU%2Bc6nFxjcQ5oMZYA4R%2Fo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-fzz6EBs23DKk-NbUsJ7D0pz1Ps7zM-fdX-KJTQE_BG4--DO9KJwcww8CWHUCl_jFupINuZL_iPshvVsk6P0NfnAXbuVwFhan9xgiItMZW4TshLh06opTtkU3lioks0KzHYvmXF4G-tvdXN7ZgaftpAc_fiCdDBkg3EYrZuKoh3OHym-PNoQlJxVkPaqZLlCYIMww7ZOj5r_n1xzVhW8e8-vNZEnslaSxQ96D8uVMbpGstS3u2EzqruMQfBfcKsG69uZVsmC5g5vdcKkZT58Lox3miZa3mXq1e7Q08EwX3QYAvMl3cXchhGezbrfG_F4G8OY4ptSIlLbYGAZ-LvIljhBO_9hcgyGNpjka75GRetUZM0PDcJIeloH3rDKfT99GtRV-f4OT8UF7od7yvnxTrjAcWM2nD__-B3utesMEHt2LlfEKuDbz911T2IuMsGCEO2kY5CS5y_EgZaF-wZ4Re487nNtYqDaZopMsuVn0UCR2WbIa2RWGCN85H1qFBMIJpVVG3lYbWFnKm0Ge_7cDoLvckKfMCGw8zPjGMD2X6FHSGpmjhuSGU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpgZChjVuZZvMIp2I5LcPxcWP-AfJntKxXNX24taTAcCNtwEQASAAYJWqlIKgB4IBF2NhLXB1Yi0zNjE5MTMzMDMxNTA4MjY0yAEJqQJfaGHw1zSyPqgDAcgDAqoE0QJP0Nm1U2LQTPETCEGkeMGTF9NuUbukpWDOnNg7toa5Z7b2oUpGA_byt2E0uyYIFbTVd495-jfqZmE1we0OxowS3lxM0X4lkLjNA9_715WmBS6xrDdnIKkN6tTJpvZx-owz776g_CeoO4I2FsWkS3ZwB-CiYOlNnNERf6XhXQ2bUOW0shwxKN2GcwbJRzypAByiGGLDtHOJvICc0RewuZYXfKX-539F4tPZFiOaZNOiqzVYtebGJc8JgusB1c_Wic_Q9JytFeGC_jPmV1uPc-lWFca7jovd0Kq_VxBOQLm_wHOpYuuXIFxYws5zw8YCzxNLLu-LyjPmRbLc9NrUaGqapqot77FGg1rfla5Bb3vQkvgvDtjWgOw7BtHlMhJchR7w-2gDaOMUTN_Sgn40-GTG25Ms65tZwvZb-mLX4yRszobKK8GPA1EwhgWh2vmwlGkygAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYquPtwc72ggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Nj5zy003ks8D0W8Fe0w3P0jDo4g%26client%3Dca-pub-3619133031508264%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3ea5fddae8e57177771ffab5a1a733382a48bb953058e30f5fc797384420ef8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:38 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=F-ZDzMk7RY-4BN6PMym5QgApAUjOVo-whHBMWh_PDP9m4aYYQsZOTN-4zgJoRuZijxqDNm7N84-XZbcMNPSivB2gFUATuwzNQdhBoe7nJjwtFXA02tLHPMXLem3fc4P4vzJMBgmLMkBWlJqTaoX54HPq8_N4JSRwzPVICRsKL5d9OCQvxydZn8PpgKSQQetLAqsbXP3xspjUe3dI6-cR_STwxZzv72GMpf1NCJpp18GF0OiYtjvESWVhjThWP7zC6GyS-g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 59771990
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1FAC 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 13:51:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1FAC 20 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1FAC 202 KB
64 KB 54ms
52ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:39 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 88BC 201 KB
58 KB 123ms
80ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW41hgAIphwA-QQdAAPixbMZGmcvN54VF0O8Kw&u=%7Cz%2FL6JJIkj06FX6yTLXhZZmDpFVaHviwGL1wysXiYFsI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-fzz6EBs23DKk-NbUsJ7D2V0s0iZmsUTG81aXFMpt3MP0RsDxSrnZF8K3eMOcVon4bHAW6Ocdrbj_ojAvIlcmen7OW1r7EqTknSoLU92Dtqoz691s4tluoFr6-qRmP2E8F1mjRegEMCxsqjMAHXwTSZASlUM6XDVXG4ou9VijDJZp45asCzZ0LVzOQBQgaBpg_N0GT5LaHDXJL5lwfp3cNInobQTylyGtPmJ3Ixe-JVcOAeppqXmXrwJEB3w449XgZkP1KfkTRGM0QewcW5wpJV4ujOcDkiFFf-G94nA8djSMdoO4Evgh2-BPdUkClzD3llUVp_8A7RmJlP8ZeQRFTeh0pYNMPuLf_WKv6Pg15cdmMgrNf0pennHe__VoF69PTRUmzXS9Q3SdUjB-nU3kPU8AEH0oujAMMEBt-zVKVzshIjYkbrtZs5JKVVX3GUJV7ViKOo_1XZth2n1NthqG8Ow9cwiBoh-dXorxj4nIwUoowwSW6bsQOY2HMjwhhDwsXenycI3Qc_YqG5Cz3JJjrMgPtjb2QNjeCPwwabCLgW&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX7PHhjVuZZzMIp2I5LcPxcWP-AfJntKxXNX24taTAcCNtwEQASAAYJWqlIKgB4IBF2NhLXB1Yi0zNjE5MTMzMDMxNTA4MjY0yAEJqQJfaGHw1zSyPqgDAcgDAqoE0QJP0Ep53Vqz4v7vRmu7GLYQds-iMh_MREQAjZqCMUpIj5Z3-GyC4BLpm8iVZogK-g1D-3l33ARk70qze47roJGVW-2CzkCEmfcWvj_pmTj6AFpZdZXr3fFW0uiWv566P9RSLSaF_YMZSnV2eDMLUM-amibJR4bGtdbS_KtGLZttMr2GGhkOtwXb-X-cTOLoGH_t74inpPpoGaznGPb79eHviNYxZZsDIvN8nZvNYga_SenOfJfHtTe2yN5YPhl4Zr9gxuvaEHhPmI8ejHcnSYjL39UZtxoMszzeW0W-rWkewca1J-syXMVhKWS7tmVo5ZxBX1CeW9caYDXgyJw2ptLUEohdDmTXBkaZ3cfbNGL_Qz_8M79o0gNm53TVv-HDxWaTDQWIcnAVM5bYvR74KsfoIu1wMwkDsizaFVSnk4NqfK8QhCwz-HyA4DHi46hnGgOlgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYquPtwc72ggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_23zEu6dr_dKs85ttzaU7_oB8UjOg%26client%3Dca-pub-3619133031508264%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf8a98caaa1c86827f1d06979e4134451343865dc845c78de1a4928e85d853d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:39 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=mqjba8k7RY-4BN6PS1ZB1UhVcNFzEJdy31If6ArPIgRRGb6y4Qw5ZH6bhkccpr1QGIhBf89_E-N_3CuTUimdIA_IVzGgQ5xGSwJn71SlDhxeEnzOrQ5TwE_4hUT_sdR5uG5NtN7kgcd4iElaykqXyadn_ohlwhO_IlpVvciB20yra3SW6UxsvPuBvvgKafuM6_L8C0BGjDq5DcdXCUBBPGCGfFeuS9Fq40tiWe5zSEophUEAvRdi3jQnpSWyQX1V-XR47Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 59522179
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 98CE 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 13:51:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 98CE 20 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98CE 202 KB
64 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:39 GMT

GET
H3 206 file.mp4
r4---sn-4g5edn6y.c.2mdn.net/videoplayback/id/9ab2844aa052e94c/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3843214695/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame C401 567 KB
0 21ms
12ms Media
video/mp4 2a00:1450:4001:f::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:f::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

expires: Mon, 04 Dec 2023 20:24:39 GMT
date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4304973/4304974
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4304974
last-modified: Tue, 31 Oct 2023 15:35:53 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 91B8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CZeflhjVuZbyZI9OH5LcP4pyB8AXQuPm_dL6YrICiEO3xmav3FhABIM7OhmhglaqUgqAHoAGG19e9A8gBAqkCX2hh8Nc0sj6oAwHIA8kEqgTWAk_QRK-zrQk5RLM2JcOO8NH1_OsXEoD9U6f...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214562808203723918186%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_windo...

0
0

64ms
41ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214562808203723918186%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224549609263153658049%22}&andc=true

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14562808203723918186","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"4549609263153658049"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Dec 2023 20:24:39 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14562808203723918186","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"4549609263153658049"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame F241 39 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:45:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 17:45:17 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame DE3D 51 KB
19 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:35:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 13:35:31 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame A56E 23 KB
8 KB 17ms
16ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 255503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 21:26:16 GMT
expires: Sat, 30 Nov 2024 21:26:16 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B68A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6522c0242f51b2366e7744699a84febb429ed3b897cf29543741696abdd01dba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 105ms
43ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 20:24:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B68A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CPVOEhjVuZYqMI5TX5LcPpbaE0AT89Yu-dPfHyIH2EWQQASDOzoZoYJWqlIKgB6ABvIbNuijIAQmpAl9oYfDXNLI-qAMByAPLBKoE6gJP0O0lqQn3ppzGFKiqKHR0ux6sYN6lqmaWp3lv1Ru...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213010808810636327388%22,%22debug_reporting%22:true,%22destination%22:%22https://brautboutique-katharina.net%22,%22event_re...

0
0

43ms
43ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213010808810636327388%22,%22debug_reporting%22:true,%22destination%22:%22https://brautboutique-katharina.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210860315452%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22585455406938375537%22}&andc=true

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13010808810636327388","debug_reporting":true,"destination":"https://brautboutique-katharina.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10860315452"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"585455406938375537"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Dec 2023 20:24:39 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13010808810636327388","debug_reporting":true,"destination":"https://brautboutique-katharina.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10860315452"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"585455406938375537"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B68A 33 KB
33 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 429768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:01:51 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 88BC 2 KB
1 KB 58ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW41hgAIphwA-QQdAAPixbMZGmcvN54VF0O8Kw&u=%7Cz%2FL6JJIkj06FX6yTLXhZZmDpFVaHviwGL1wysXiYFsI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-fzz6EBs23DKk-NbUsJ7D2V0s0iZmsUTG81aXFMpt3MP0RsDxSrnZF8K3eMOcVon4bHAW6Ocdrbj_ojAvIlcmen7OW1r7EqTknSoLU92Dtqoz691s4tluoFr6-qRmP2E8F1mjRegEMCxsqjMAHXwTSZASlUM6XDVXG4ou9VijDJZp45asCzZ0LVzOQBQgaBpg_N0GT5LaHDXJL5lwfp3cNInobQTylyGtPmJ3Ixe-JVcOAeppqXmXrwJEB3w449XgZkP1KfkTRGM0QewcW5wpJV4ujOcDkiFFf-G94nA8djSMdoO4Evgh2-BPdUkClzD3llUVp_8A7RmJlP8ZeQRFTeh0pYNMPuLf_WKv6Pg15cdmMgrNf0pennHe__VoF69PTRUmzXS9Q3SdUjB-nU3kPU8AEH0oujAMMEBt-zVKVzshIjYkbrtZs5JKVVX3GUJV7ViKOo_1XZth2n1NthqG8Ow9cwiBoh-dXorxj4nIwUoowwSW6bsQOY2HMjwhhDwsXenycI3Qc_YqG5Cz3JJjrMgPtjb2QNjeCPwwabCLgW&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX7PHhjVuZZzMIp2I5LcPxcWP-AfJntKxXNX24taTAcCNtwEQASAAYJWqlIKgB4IBF2NhLXB1Yi0zNjE5MTMzMDMxNTA4MjY0yAEJqQJfaGHw1zSyPqgDAcgDAqoE0QJP0Ep53Vqz4v7vRmu7GLYQds-iMh_MREQAjZqCMUpIj5Z3-GyC4BLpm8iVZogK-g1D-3l33ARk70qze47roJGVW-2CzkCEmfcWvj_pmTj6AFpZdZXr3fFW0uiWv566P9RSLSaF_YMZSnV2eDMLUM-amibJR4bGtdbS_KtGLZttMr2GGhkOtwXb-X-cTOLoGH_t74inpPpoGaznGPb79eHviNYxZZsDIvN8nZvNYga_SenOfJfHtTe2yN5YPhl4Zr9gxuvaEHhPmI8ejHcnSYjL39UZtxoMszzeW0W-rWkewca1J-syXMVhKWS7tmVo5ZxBX1CeW9caYDXgyJw2ptLUEohdDmTXBkaZ3cfbNGL_Qz_8M79o0gNm53TVv-HDxWaTDQWIcnAVM5bYvR74KsfoIu1wMwkDsizaFVSnk4NqfK8QhCwz-HyA4DHi46hnGgOlgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYquPtwc72ggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_23zEu6dr_dKs85ttzaU7_oB8UjOg%26client%3Dca-pub-3619133031508264%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 20:24:39 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 88BC 2 KB
1 KB 60ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 20:24:39 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 88BC 308 B
636 B 19ms
19ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 28 Nov 2024 20:24:39 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 88BC 293 B
621 B 20ms
20ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 28 Nov 2024 20:24:39 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 88BC 43 B
348 B 55ms
14ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=RwBqc96CE6D-1zVCyUDLT1rTLHQCHrxubmHXBT_qDlwpyG1QyhZUWved7cONAKfl0xIfB2vn6pwGibAEc6tPx8EcqVqEHmOKzBuXMKRFJ2BqaSoHLPnLwk7NTES306wmtAAgS_9L8N4urNfu_f_48j8WbzejILiWui1lhsmCmfXlIbFIbQz5SjHPIzn_t_dkxuxrQopi33D2vDq2MrJ-S1ckvr96Y3cf_h9yuwHk1Sex2emXFjMoXOSf_FMdyPNg_0OKgew7C3AlVgXaS_z9o69uOKfYl9sbjSCzRqzlU1--X3jPFNHTqaigZCCale1wdu1_G2xg4hJm1xBGpfAqCNcHOxejsMLNnnp7smeHa1p2XCiKXn4gpsNPQkY1jVNcgV9NUGFULBayb0af7Q-kmb4K3_1iOW53oSjFD-yR01OTedRV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1614028
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C320 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW41hgAIphsA-QQdAAPixQjx66h5uVcPHgX0eg&u=%7Cz%2FL6JJIkj04gPET%2FDlrbXlxU%2Bc6nFxjcQ5oMZYA4R%2Fo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-fzz6EBs23DKk-NbUsJ7D0pz1Ps7zM-fdX-KJTQE_BG4--DO9KJwcww8CWHUCl_jFupINuZL_iPshvVsk6P0NfnAXbuVwFhan9xgiItMZW4TshLh06opTtkU3lioks0KzHYvmXF4G-tvdXN7ZgaftpAc_fiCdDBkg3EYrZuKoh3OHym-PNoQlJxVkPaqZLlCYIMww7ZOj5r_n1xzVhW8e8-vNZEnslaSxQ96D8uVMbpGstS3u2EzqruMQfBfcKsG69uZVsmC5g5vdcKkZT58Lox3miZa3mXq1e7Q08EwX3QYAvMl3cXchhGezbrfG_F4G8OY4ptSIlLbYGAZ-LvIljhBO_9hcgyGNpjka75GRetUZM0PDcJIeloH3rDKfT99GtRV-f4OT8UF7od7yvnxTrjAcWM2nD__-B3utesMEHt2LlfEKuDbz911T2IuMsGCEO2kY5CS5y_EgZaF-wZ4Re487nNtYqDaZopMsuVn0UCR2WbIa2RWGCN85H1qFBMIJpVVG3lYbWFnKm0Ge_7cDoLvckKfMCGw8zPjGMD2X6FHSGpmjhuSGU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpgZChjVuZZvMIp2I5LcPxcWP-AfJntKxXNX24taTAcCNtwEQASAAYJWqlIKgB4IBF2NhLXB1Yi0zNjE5MTMzMDMxNTA4MjY0yAEJqQJfaGHw1zSyPqgDAcgDAqoE0QJP0Nm1U2LQTPETCEGkeMGTF9NuUbukpWDOnNg7toa5Z7b2oUpGA_byt2E0uyYIFbTVd495-jfqZmE1we0OxowS3lxM0X4lkLjNA9_715WmBS6xrDdnIKkN6tTJpvZx-owz776g_CeoO4I2FsWkS3ZwB-CiYOlNnNERf6XhXQ2bUOW0shwxKN2GcwbJRzypAByiGGLDtHOJvICc0RewuZYXfKX-539F4tPZFiOaZNOiqzVYtebGJc8JgusB1c_Wic_Q9JytFeGC_jPmV1uPc-lWFca7jovd0Kq_VxBOQLm_wHOpYuuXIFxYws5zw8YCzxNLLu-LyjPmRbLc9NrUaGqapqot77FGg1rfla5Bb3vQkvgvDtjWgOw7BtHlMhJchR7w-2gDaOMUTN_Sgn40-GTG25Ms65tZwvZb-mLX4yRszobKK8GPA1EwhgWh2vmwlGkygAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYquPtwc72ggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Nj5zy003ks8D0W8Fe0w3P0jDo4g%26client%3Dca-pub-3619133031508264%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 20:24:39 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame C320 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 20:24:39 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C320 308 B
636 B 13ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 28 Nov 2024 20:24:39 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame C320 293 B
621 B 12ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 28 Nov 2024 20:24:39 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame C320 43 B
347 B 18ms
14ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=58K8S96CE6D-1zVCyUDLT1rTLHQV3uJIeTFOnt4QsYxUDV3bapd5Fw9IzoWJKIJCQ2tqUZCCvLvtB1aw38SF0ewS3lxHpyg5P8KvbrbfMMMSp1tVhWCH44GL9sT07L9syLqMeVn7p4Dx5h7Err5XKvHSGIRn8aKEV_uGVRXjBx7S-41U2Xcck4-0ip8zFGFyKQzyokntuNy7Zedmt7s4yhRMC7C-1SYH9KVRm2oV9dPn3UxFIZIhvNNgxVm2V7TIh_lVRdZB1rGKXjj4qt41hHZNCkfdC72ToRkqJIP0z-W7_EaHY3oC05e638z5FYviR-58vHsQjSK8yaEyqLlNxs2wolJZgJcNBsZEzXSg1hNJjPziPf2KHNBc42K66C_gmePQxoI5EVbizJTlzMzgHdU8s78IVGbC3LTrBhTwShx0R2rH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1706320
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 88BC 12 KB
6 KB 15ms
15ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 20:24:39 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 43ms
41ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 20:24:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A56E 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:45:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 17:45:17 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E31 51 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:35:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 13:35:31 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C320 12 KB
6 KB 14ms
14ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 20:24:39 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 88BC 0
128 B 55ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=mqjba8k7RY-4BN6PS1ZB1UhVcNFzEJdy31If6ArPIgRRGb6y4Qw5ZH6bhkccpr1QGIhBf89_E-N_3CuTUimdIA_IVzGgQ5xGSwJn71SlDhxeEnzOrQ5TwE_4hUT_sdR5uG5NtN7kgcd4iElaykqXyadn_ohlwhO_IlpVvciB20yra3SW6UxsvPuBvvgKafuM6_L8C0BGjDq5DcdXCUBBPGCGfFeuS9Fq40tiWe5zSEophUEAvRdi3jQnpSWyQX1V-XR47Q&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 20:24:39 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 88BC 2 KB
1 KB 18ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 20:24:39 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 88BC 2 KB
1 KB 15ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 20:24:39 GMT

GET
H3 206 file.mp4
r1---sn-4g5lzney.c.2mdn.net/videoplayback/id/47d36780c3b4e159/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733257479/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 5A28 497 KB
0 25ms
23ms Media
video/mp4 2a00:1450:4001:1b::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lzney.c.2mdn.net/videoplayback/id/47d36780c3b4e159/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733257479/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5013D3659A18632452144737C0F23A12FDB2512D.41C6096DEC2327EE2515F0CFC45989CB0490C417/key/cms1/cms_redirect/yes/mh/q-/mip/2a01:4a0:5a::10/mm/42/mn/sn-4g5lzney/ms/onc/mt/1701721301/mv/u/mvi/1/pl/29/file/file.mp4

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1b::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

expires: Mon, 04 Dec 2023 20:24:39 GMT
date: Mon, 04 Dec 2023 20:24:39 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-6022234/6022235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 6022235
last-modified: Mon, 20 Nov 2023 13:06:35 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

POST
H2 200 all
csm.eu.criteo.net/ Frame C320 0
127 B 28ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=F-ZDzMk7RY-4BN6PMym5QgApAUjOVo-whHBMWh_PDP9m4aYYQsZOTN-4zgJoRuZijxqDNm7N84-XZbcMNPSivB2gFUATuwzNQdhBoe7nJjwtFXA02tLHPMXLem3fc4P4vzJMBgmLMkBWlJqTaoX54HPq8_N4JSRwzPVICRsKL5d9OCQvxydZn8PpgKSQQetLAqsbXP3xspjUe3dI6-cR_STwxZzv72GMpf1NCJpp18GF0OiYtjvESWVhjThWP7zC6GyS-g&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 20:24:39 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C320 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 20:24:39 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C320 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 20:24:39 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F241 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B2O-chzVuZcmwEIvFhcIP1sam2AIAAAAAOAHgBAI&bg=!NjWlNXrNAAY3kmNgF5I7ADQBe5WfOG3Hj3l81VF6pIRpBBLBooaAM13IBnunpBpSryx3uSwGSyUcWMyqmLBR0jP9emL9AgAAAhVSAAAABGgBBwoAXd3okrM6sc8NP02nQdRPkiIzxo7tJYcdq9UlJDMivldXwS9Y87-8Q2p9zjboDysXqDaq9TfKbaWKityCkpBa6bYu6NDkqcNv0UXJX-vDrxOT7yZ9Q7As8yz8CGQrTZkC4NofWvx5AIrBMr-eP1ECHbB3ea_xPx6dwXRywzkMmcHxFHxIBWk6y2g_0xQCMnU9Z2hvsPbHrA4cgaTXfhioWXEQc6QGhk9Yv6mV0E6BdS01i1BYxyoYLUE-GyvXPGWxmj15Ru9ap1zZKDbsTH-jbFMKpeN-0d_7imkoH4h6assGpCy748ZPeWgwovOnl5Q63ahVH9baMflbYEJI8XBu5li5UixHwysofnEiY-fmcKXszByqlaRwOMgJPFrURHqojYETxSWsg2Jaiz_OdNXd4jOJV3yK3_oSoUWEyySB1Oh7pRr3msbU9H9KJpIkj8MGaJNG3Co0uRXgCDPSlEvyO-X7tT1o7TslgDwXyd5N2ukjNvjNHieaoqRynwsu9CiJkVHHqaqHXppRL9IlRw2JkUOkXJe3SSb8n7FnJ9a9XSAlqAWjWrxsODo4TOwzWHRVIqGRX2dzvTlnVD5dPCKB32YGcSplTyk0htBPwp8saz7fRsc0IhmfUn9aMUXsXQFd24YElvAjUThbHi7vu5UQxx7vx2i3jjNm3lhlsnRp_rbpTG8a-qStRETPcZb5ad2UbNlS_ADNxPdZ-nvWgp1wOFZZXMUfwNIr2GOJGaVov60RyY5xTlDTYvHSX_D7JJxqnFH9Ax5lG8MSJM8dTSYfHkXKr6AP6IdIAvsnpbUKOS_Q6hHy7psNQWohOMqZpXkSPIahyzFonRlJNhQqLJtG67D1RssGB3Nh46i7MkQ68rFk2vxt6pm8ezL1DokpT3VsSNIlifljQ8uiJAisW_UF2FQ50KyXV87rCb_rTt-juh6WyOIYGQn7A9pqzrHRVnACk9r-twWD-MwO4Ltx0fl1L0lXF5BvM2MqW98NOSq8fDrDFEnTn7RMKWsRpJJk_LdOB8VqPIp7KIxwuudZ4j5loH3WcwkeGeGIw38M1jkBOGeLJJek3hMCAQ4HPSWKcq5cpMYtOEuxIPO5f7IbduhlW2Q

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A56E 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B7vtChzVuZZmnEJGBhcIPtd-DqAIAAAAAOAHgBAI&bg=!W1ilWBfNAAY3kmNgF5I7ADQBe5WfOJeGQxarQaNGpyHlxNLq_cJfNT6rHkD9ylKWyn_zU4f58WLmENGvIv4ArWqLdWifAgAAAPNSAAAABGgBBwoAKkWo4CSg-BUCQgBIkjflsaenaLnm4Dhz0AmG-jD76XWFSqbDPuOemNBwg5kC3HTTbiKAm2gG8TEDa3h_5D4lCI-ZBtIfXwvao9Pp2aqB7lvVMJlnbkE5gpk8UUxOdxe58YmMyAi5q2pNOrhSmgHHbZwspbkUGJNp-TGMdHRib9_3EmhB4DAmVDX4lFJKAlCCasDzxBtpDe6_04juIj-3j7At9Fza75FCP2pbnpkjNm2IGvdPMvZIrF8YOXywRJ0bIYnn12H5WqGWoDdvgPy5phJ5eVD9U5r2LLv-GwnNl03tOMKgE0If3Hhfq5aDZi4Q9GcawZ03NoCuf0OKR4w6oi4CO5eZsrL4vDIHZ2n_cplWrr_2ak-EFuc68dbXziwldAiddJAyETuyHl0lbumUbnXub7ItG9I3gywRauXpc_DJUcHjqrvAiexusFC-IrJrcOhWQzZsdlId8bWQSPv3dpxk4AUy-kdELwmbRN2V5T0hPon0diZk__ftgMf0AOKWJz3JKNOyFEsqcq1cjzVbNtzCOLFN-i53MVXH7rSj_q3kJHgBsAShRZ-AVCgFEhOnpCzMAtTS0jAXA62eBzokiXku9o_Ly_6YVsuvP2PPkD-lhGQf7e2_4b7JAiUmtCwiznDe31ioec1D6ZKSnHUSRtYQeJkzLwos7ZRikgdgBu3ChBZa89kCDYpZB23GxmSlQUbsDia6nz5ONC6HrK_X4lKTypX_IpwnSRKT1SIywXdtOVLFzuTSUIHyXa_X8YakzE1bHn3F5iWULNZV2vy0aUFvffxFv_2m6fZx6UYAR8BlFJqkRQ6wzB8yhdRAo48EcvelE4Vwn-k7TuADQy0Y47FEUU-5m-WIZl68avxPF-36dbsB_hwPETS2icneGBugpN-ita7fkV-EKrfsZOOzBwnPX5l7kEg2apgHeShoWPL7GHohratHxr7QnqKPrwLph49MfM2Wq8MMolBrQV0EbHN64eThtlUe-yY9ccIcX7JLbXHQs1nFQ4fZn5ijSuUFF_UuP4TRonZ7tA

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C401 0
54 B 108ms
106ms Ping
image/gif 2607:f8b0:4002:c11::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lprd150c&c=8489128098881&slotId=4244564049440.5&qqid=CPK79cHO9oIDFQcR-QAd5ukHhQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2092&mt=video%2Fmp4&vs=576x1024&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.md~vil.107&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c11::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:40 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5A28 0
45 B 106ms
106ms Ping
image/gif 2607:f8b0:4002:c11::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lprd154b&c=5977401285216&slotId=2988700642608&qqid=CPTf9cHO9oIDFaYt-QAdfDANNg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1523&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.q2~vil.165&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c11::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:40 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame BAA9 0
54 B 106ms
106ms Ping
image/gif 2607:f8b0:4002:c11::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lprd14x0&c=3016071567961&slotId=1508035783980.5&qqid=CM7p9MHO9oIDFQsu-QAdISkMDQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1523&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.j9~vil.14w&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c11::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:40 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 91B8 42 B
174 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkhTNtZo6YwVtvABxgjltBdlHGo8k2jBJv8RmfBaf3zJUXLTOjw-ppFJXVqIVQtMdF2o9WPyMANOiLsD5dPJndeIz758es8TjynLo5qr3mQlAmT1sxgXMg7nyT_yw5ZoHZJVfs6r6NkOI5&sai=AMfl-YQvIdNwDuhBphPUTPuyZfhj3XmG8rquICS4DjxMX7qTOqgJ0OSGXcr3C4WIpr_R2LrEdRNlJsy1jtE1YPV_mgLPc0jpiWVlTZlSFQS7evWEKytMh0yXCsdowheXwVNMuGkvlhpJAooQoLyYGsITkRylmktkg4XNM5Bc&sig=Cg0ArKJSzN-z1_KXdDirEAE&cid=CAQSTwDICaaNS_CXXDPL8TNw326WLQmgiHMY7rmEQgR9BcXqOQpe_Jw0wpXRFU9wayFB_erOwuyvZ_iejjzOqri6FhTpd720bePT0CaDTETGGXEYAQ&id=lidar2&mcvt=1000&p=0,0,211,820&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1757034124&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701721478485&rpt=948&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B68A 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOfNZ-G_G2HHNf5ymuQNzJb0hBPsWzZH33_SwkGBntzAslhPgc7_ijnWPCnVr0IVn2k74X_eKfnWk-AnhHaCnp-CLAuiAI9tHO_jGNmAYnolG5RD1kJXZLuUpEAZaYajWF1lrQ5nfGmeaDnFJ1CNIETIeQALHx-ROq2YRzp-1CxqM2s1MPVPB7tP_S69HyTFd9QVJu6c0NXjY-sHb-k3_Ta4KvJRLywURoVQj7wvlpvGgjiKqfz8Rj5NtHob3qst0o_9jlaEk3G1hmLz5s3mXr_8QqbdXNZOmBj00-_f22sItB0QeM7LgOWhdKwU4-e2UTzIuAsvV8dG0OMFfrAMw1dpVPgtUxEoufbmGvTwTcrDwnIGuzNYiNH2QrQZ7kMMlzdYFwI48y8RR0QZgx6JGse_NecMDi9EpZzJL7lJ-QN2LbTq9ebPkVRxbr-GERgovIdvuEjjMGyIJ4tiUCdJgBEH4MGqKyEooPwwsvXPKKyk64fdzAulTj6wsdC1u3pQlzqBpj8Hesbqhozrs8Zea4LRVu_0qgI_KgOC8Jr3QMMwyl3002HkwZ08OIhDt5ck6Awwkb4dSVYv3CzNPfBPYgnmzP1ARWtUtF0LIrgxpYpSwdHgsMzfke9AVa1eHKXca9xAox724QHfvL6avxhta007ACJ0so1vK-vcTKshuv4XEBlWzjEYsC7JMZtct0MdcVXpXnggxUcdssXsQHjyboRM2QmmrcNoON82S7vnrqtIlNd4BF6DNpv_tQWWD3JJycaKCZT43OKpjHBLM-JqTnqglrZNio55SRRxfbpz9oG13Pn9mNNXrvY9GJ71-FHtzjgFnT1qNtR-H4rkjdsVNFxn8eTxDFGaSyB_w5nefUZn_7QQE5NXrCxRql_9awgBHLC9ON5-4FrSd7gRuGdZpzdruTO5yX9KHPJ3iznFUgOKjHyV-APSdpFL9HvSQDeCl3c5gujRCqWv3xRt4nlS6zDZHjS6Dtt-azvIDCy0bKk1223sw3DyUZPmork6NF2CTTraDLCAYWgj2XxLnwCfP5H_wAn1hLo3Y4rew_CNMf-kNKk1zX-ShWk7NmYs2WfrgpXSOePvqdIJXPbzdv9HcPhalSmBRTxaa7fjcn020hSzqXScI1t8gR-mBMzH4yx97cuLeHE-zCs2L2yajjLKc3SE25jZta5pJhl27K2574KeCFou7-IijoXcpeKc03Dg-HUqjYfUQo9sar6kJGcyh-j_MMRGVn_-1pEtjgNdR8u5baZy5uk-4BrSRPLkH98O4KfAGWtlmpXOAkj91CX56rNQRqHx7TxjCsErRV5CLEvh0NEfIs7StQUnkXJ44xA-4frjHDdBa0leuQjS3qSaoVhkseSRuSr0O7GLAxqqOjAzxBN3Hf_S0F3-mbfPUcXwzOeqNMz4USfjuslUmQDv0O1nfaOCNgk4IQuqsXfn5eX6_W-E2ssOYZPlBTwzI2yfsaIfYKQnQK07o&sai=AMfl-YStUD0j9llsyYDFgyV6ISohIoGZQdPJcsKlD8OxM_jAxWpZGwV-X7WWXTmewxWR2K62PFfQEWcfjoQoB2tKsnh783RcjKaEfKgMFguhX_qdY5ZV4ewhZ0BNBn4CcVy2BblVRk1CuecPQoAVNfvQgdo0brHDQR8QslTO4iUAMVtQnVpLiH5POg&sig=Cg0ArKJSzM1HYSmE5i72EAE&cid=CAQSTwDICaaNTqp_yqCXN1yudxwBIvvhEV__xRxwY7oBwMS6xlosbpt47RCown8sfaLDVZ4JGu5_GGS2hvjAhrdRpN7uE-tmb6CsK30t8lUJDVIYAQ&id=lidar2&mcvt=1003&p=0,0,280,1200&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3910651328&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701721478480&rpt=1299&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D42D 155 KB
52 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Requested by

Host: server.zmedia.vn
URL: https://server.zmedia.vn/static/template-v2/passback_infootermb/newsmoi24h.com-passback-infootermb.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

918a20b6cf86739e4ad9114f32e0ee80d62043adb057e53622fc60a280efefc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53145
x-xss-protection: 0
server: cafe
etag: 11507570698729427013
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:41 GMT

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2b183bab67f6ccec7a73145d7553a3e3294d470b0d49bda1ee5de802b590394

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
52 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Requested by

Host: aj1559.online
URL: https://aj1559.online/ba298f04.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dda7268541361264fd798981493c9d5ce54a9822f37647130f359610382095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53142
x-xss-protection: 0
server: cafe
etag: 14813399821692354087
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:41 GMT

GET
H/1.1 200 zhGfIjcFwMEmpJoMXXVKI3A4rI4o1IvSrnD91LnMPa7QmIS6Xv6VNsT1ah7FmBwo8EU2sP4eRlXC0GUJyLhs_6UiE-2xq0OOtuhXPXn9mO5QXdWgMr6LSrs31hIy8YMxSnOsP2bdEZDy7wlX6Oe8hy6PLRd1Xt6yw55Mf7kdNjiPCvo08R9HIsxqFxRz8CttHLrZD...
aj1559.online/ 49 B
512 B 95ms
95ms Image
image/gif 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/zhGfIjcFwMEmpJoMXXVKI3A4rI4o1IvSrnD91LnMPa7QmIS6Xv6VNsT1ah7FmBwo8EU2sP4eRlXC0GUJyLhs_6UiE-2xq0OOtuhXPXn9mO5QXdWgMr6LSrs31hIy8YMxSnOsP2bdEZDy7wlX6Oe8hy6PLRd1Xt6yw55Mf7kdNjiPCvo08R9HIsxqFxRz8CttHLrZDyKbZefmsG7XdfnREnSznb6MO5Ml59S5bWO-CoHF4QQ2NuSdxQyJ_FI17hQUYKEH0fDyGse7ig6XWIZgWVqnqEr15pYeqcoylRdBG9IAEGU02VBJgmtZ7VVzG3j4gwl_aIiYfZKK-cY2grrg1d_oZs-vSf46neld0kyN-ngpKFgE5w7Ik_tJ7UbkGX04SbikJM5z7JDpoLJaKYGMK?DC=DO
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:41 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 zsYOKkz--zLo7xwE9_bHN6a6RMVnye0OyaROpPpAy__kWoaMb_oO17r958m9jguCHQkvPe296SSysoO9eV1FlVSf3nRMR4H5_yIoTOUHobkrWJM6qyXdm0cGsVYFCMMibiLtdRqFK-bSq00LOi1ZHfp0oNLS8eWMmCHVHiTZXrqAHQXhplCKkW8qTZOEzEop0aM6E...
aj1559.online/ 49 B
512 B 94ms
93ms Image
image/gif 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/zsYOKkz--zLo7xwE9_bHN6a6RMVnye0OyaROpPpAy__kWoaMb_oO17r958m9jguCHQkvPe296SSysoO9eV1FlVSf3nRMR4H5_yIoTOUHobkrWJM6qyXdm0cGsVYFCMMibiLtdRqFK-bSq00LOi1ZHfp0oNLS8eWMmCHVHiTZXrqAHQXhplCKkW8qTZOEzEop0aM6E7ifuKm_Relu02wGCRQ3PHDz6-s6pXfpiw7ZeJBVf62yfnTFbZeR4-fVP5JI6uXXofhY_n9d2P9iHyzV-aKOV7Ky8vuNVDsS4lMekKNZbBx6W1k1yHeFQ1ezj3TsbCQNX9e9WKhshz5qATIiHdQWgEacL35_EKAQCgOaWRjLNjLfcK6BKAbW3687HZJ6gAbZhczIjVPYhyOmXKGl4?DC=DO
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:41 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ Frame D42D 398 KB
135 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=newsmoi24h.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43413e6af5053d9f69d2f75fea6bfd1c979a4a9105d086f2fe72749427324325

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137670
x-xss-protection: 0
server: cafe
etag: 7255484429159307942
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:41 GMT

GET
H/1.1 200 z5vsXZmga2zYIP4WCoFgWsnDSaYUoX5cFKUVNbF8LMGvui2VMRabRxreFIoCCqth_9KQxKdSmNz_StpG0LguyLk6tSTwltGnIuJFdt_GN-r94q5KZc4DrN5oFCtJFr1aMRa7-ccv211w5-wbXrKf60F2iV5Kc0CQ60-L175znlWPdcQ163b552JMCvSMbLrJwiJ4B...
aj1559.online/ 49 B
512 B 93ms
93ms Image
image/gif 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/z5vsXZmga2zYIP4WCoFgWsnDSaYUoX5cFKUVNbF8LMGvui2VMRabRxreFIoCCqth_9KQxKdSmNz_StpG0LguyLk6tSTwltGnIuJFdt_GN-r94q5KZc4DrN5oFCtJFr1aMRa7-ccv211w5-wbXrKf60F2iV5Kc0CQ60-L175znlWPdcQ163b552JMCvSMbLrJwiJ4Bzrs_rlMvVM5wpfB4HgRKhsGxtQGhigWHYrCsmYDb8EnAxGSyVMZIFRP8W-7uSsYvEBDyBfQ3lo8_rjUO2saIDDKMQ0zcoXRfL3W6PdyUiRB3z_jq1_aWIJVphiuzmOSOchtWzTQ-oGArqI0nyLBDTW0s4NnNyRT2NRhR6ZkpVf1gPD6tYJYn2KrL0xaGQlNAQ_5SNN8OwVXI2fst?DC=DO
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:41 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 newsmoi24h.com-passback-ptomb.min.js Show response
server.zmedia.vn/static/template-v2/passback_ptomb/ 24 KB
8 KB 277ms
277ms Script
application/javascript 123.30.177.125
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://server.zmedia.vn/static/template-v2/passback_ptomb/newsmoi24h.com-passback-ptomb.min.js
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 123.30.177.125 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: Byte-nginx /
Resource Hash: 1c8c35a6168eb6834bac2920bb41bc8e36623872d19b30bc3593c6b0d8e1091e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 20:39:41 GMT
date: Mon, 04 Dec 2023 20:24:41 GMT
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 06:19:58 GMT
server: Byte-nginx
ef-country-code: DE
etag: W/"65409c8e-6194"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
ef-cache-status: HIT

GET
H/1.1 200 z2b8I8Rk4ANshGEau7n-gKoDX44g3N_vBIreQEweeHPYd3_LHvlF_ooJHetLDrbEWscc03xy9OO58w6apL0qhiMWmYM1wFXi-j78mDoGAGcGWbObUnHWEe-9q0oGY37tps0Wvu46lJDVyZU7QDRPz0EkyH6esRXpqI5rdw21FFHvCiHiFgvI0zVXUCgbb35l5vWKc...
aj1559.online/ 49 B
512 B 93ms
93ms Image
image/gif 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/z2b8I8Rk4ANshGEau7n-gKoDX44g3N_vBIreQEweeHPYd3_LHvlF_ooJHetLDrbEWscc03xy9OO58w6apL0qhiMWmYM1wFXi-j78mDoGAGcGWbObUnHWEe-9q0oGY37tps0Wvu46lJDVyZU7QDRPz0EkyH6esRXpqI5rdw21FFHvCiHiFgvI0zVXUCgbb35l5vWKc7ENRvlREFPqzmOgfto0vvDI9rMWUmRteQe7c58Oo8ynQlyz1_8OqDSddnKnq_SvX86JolgStMo8c9rfVI_FsDp2DzlO-_vDXjV6QyZKXAmFucPl7o6MlfbhhLCbQb6MYamu6Q43AbS5cuClHXdQZP7k4j9ZTz3V-ZkahyoeZMe16DRrNn6zJyqTrNJUieiz8Fy6mPNyOxBR1E0ho?DC=DO
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:41 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CA93 30 KB
13 KB 605ms
604ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=600&slotname=2968824013&adk=2865839403&adf=1828760783&pi=t.ma~as.2968824013&w=260&fwrn=4&fwrnh=100&lmt=1701721481&rafmt=1&format=260x600&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481791&bpp=2&bdt=4754&idt=2&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280%2C820x280%2C188x600%2C188x600&nras=3&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&psts=AOrYGsk8JUiJj_P0iqJLMVF-0y7C__ckmJ_cc3IOrB0_yu8LWrZ4cuZI2nBPBZtqqH9ATbkFhm4m5XFXmBZnze0m2zwApw%2CAOrYGsmlSL7I_E5jL59SyNgUKnej1nCFdNGMF0miH1BTV-V-VguVSASOjnBPvZQqPS2iyglkyjK7wtWwjvew6ohmc-7Ksqe7%2CAOrYGskq9Uo9f1KWxV-4snPG4CYXc54J4k5IrwESXrpeZZPhVYXJsQfXnyJLZpgp7mDkyR8NNdhR75Pg7GcI05NNRLoRShQa%2CAOrYGsmmYSxmq2YHQt7rZgkxgufgYoibLbyj_b-pGey1h4-2i5OhszeBHmKadaE66hN3xhL5JCZbV2rYdD5xPkJUY6SyNg%2CAOrYGskdaPK2_tYeKXYhSuhQwNu5VdFQaENZI-p1bMNtB7HD9kKRlAdNNwe6lhHmcqgQWAM2TSL1zbS0fN2Xqw69iEKDpA%2CAOrYGsmAu8Tp3-qm8VNEjmsHWXNuIG1FfLUAdbHKrERtEMXEbeEulbkl56YBs-6fH2gGtRGHECPAZBhjf4XTxZpybLcsjGaYJiuboh2mo9o%2CAOrYGsk-1AyJIDnwXIKls15FhOHNgEBC0ro3Nz8MYPLjmR7oK3AqVpy0Gbp79gDpFSlLymd5ytycHYTaS5iaJlPRhV2q5cCZBtVVhidCMc4&pvsid=28292592341068&tmod=1979323982&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca97fafd6a87f7cfe9c8d4fea8a137df30556c0de1656f414b0d3f1cc36ecee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12963
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0C58 153 KB
26 KB 628ms
627ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=2373185786&lmt=1701721481&plaf=1%3A2%2C2%3A2&plat=1%3A128%2C2%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481738&bpp=3&bdt=90&idt=169&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&nras=1&correlator=3125074850772&frm=23&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=804490982&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=100&ifk=4239599670&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079606%2C31079825%2C31079866%2C44795921%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3235045661876211&tmod=1022428475&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C100&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppfm1xx8h2iv&fsb=1&dtd=181

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

823d6160788579edfcfef033a469a0b8f1ae6f267dbe4e961cf79df6150085de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 26874
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D42D 16 KB
12 KB 59ms
59ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231130&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca0c4c647c2336b30ffb19a4a961547b9cdf0677d30ec71ba03c6650119de633

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12220
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 35C9 187 KB
50 KB 637ms
636ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=100&slotname=6591594008&adk=3645781967&adf=3279755404&pi=t.ma~as.6591594008&w=400&lmt=1701721481&format=400x100&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481741&bpp=1&bdt=94&idt=185&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=804490982&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=1100&biw=1600&bih=1200&isw=1600&ish=100&ifk=4239599670&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079606%2C31079825%2C31079866%2C44795921%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3235045661876211&tmod=1022428475&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.juubdhgxlk5n&fsb=1&dtd=190

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0aeb645323b093e1ea688255e391cb93837302ada4648e6d7f575fa49c9dacba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 50859
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D42D 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 20:24:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0F5C 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 14:59:11 GMT
expires: Tue, 03 Dec 2024 14:59:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AE6D 829 B
997 B 19ms
18ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2a6ccf5b27b10e3936d42b3222371e7ed8b9cecb5c4911521725601707e1420d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ycXBfMYeI_yUmsCuN4MDDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ycXBfMYeI_yUmsCuN4MDDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:42 GMT
expires: Mon, 04 Dec 2023 20:24:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F5C 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:45:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 17:45:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AE6D 0
0 40ms
40ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231130&jk=3235045661876211&rc=
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: server.zmedia.vn
URL: https://server.zmedia.vn/static/template-v2/passback_ptomb/newsmoi24h.com-passback-ptomb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 18:31:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6784
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Dec 2023 20:31:38 GMT

GET
H2 200 newsmoi24h.com-passback-mobileinpage.min.js Show response
server.zmedia.vn/static/template-v2/passback_mobileinpage/ 29 KB
9 KB 278ms
277ms Script
application/javascript 123.30.177.125
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://server.zmedia.vn/static/template-v2/passback_mobileinpage/newsmoi24h.com-passback-mobileinpage.min.js
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 123.30.177.125 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: Byte-nginx /
Resource Hash: 604ce00ba927ab896cfc8aad7464646a084d193cbdc2a3465332f3a018a524f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 20:39:42 GMT
date: Mon, 04 Dec 2023 20:24:42 GMT
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 06:19:58 GMT
server: Byte-nginx
ef-country-code: DE
etag: W/"65409c8e-73f0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
ef-cache-status: HIT

GET
H/1.1 200 zmzDklZIXkqsaO0nPcOkUYJGXOmZ-Hi3DA7L8okxbFKpoJGHbB6gwvTR28FPyRY5c1Iv78mvXZsQqyaR0MDFVValdfVdJrxt_aH8t7G5V3Mcg8PreP6PVDkzdvkK-w1iIPed_0k3pGgPGjGqRtfeAZbAmzDSOzdO9etrdp4GOoANECMaqU5hxgRg0j2erJPTGCYCe...
aj1559.online/ 49 B
512 B 93ms
93ms Image
image/gif 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/zmzDklZIXkqsaO0nPcOkUYJGXOmZ-Hi3DA7L8okxbFKpoJGHbB6gwvTR28FPyRY5c1Iv78mvXZsQqyaR0MDFVValdfVdJrxt_aH8t7G5V3Mcg8PreP6PVDkzdvkK-w1iIPed_0k3pGgPGjGqRtfeAZbAmzDSOzdO9etrdp4GOoANECMaqU5hxgRg0j2erJPTGCYCefxqXNlHsUM4kygRSiTH3V3O_Wj6lgg-sMSrJm8ZrX9ijNKtaTQFN2swJ0siCs_b_Hjjh-fhlzdKGuUBi0L0Y2MJudZI5Eolw7n8WY9ICGlIJSFY-76DT-blYEb9gpZez6N8dw12DpyFsr-pMwd98B9Re0nJWJS-scc-qef-G9v_uD2GA50l0qQ19_-oXuVelFQY8avlTLdz6ClbH?DC=DO
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7904 155 KB
52 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Requested by

Host: server.zmedia.vn
URL: https://server.zmedia.vn/static/template-v2/passback_ptomb/newsmoi24h.com-passback-ptomb.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a91086c24252d1d3cc323ea4e63faabdeb170fdc15fe693ad578903a372276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53141
x-xss-protection: 0
server: cafe
etag: 15887532847524994764
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:42 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0F5C 0
11 B 7ms
6ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UboAqg
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
145 B 16ms
15ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=484071371&t=pageview&_s=1&dl=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ul=en-us&de=UTF-8&dt=DJ%20Mie%20b%E1%BA%A5t%20ng%E1%BB%9D%20c%C3%B3%20h%E1%BB%A3p%20%C4%91%E1%BB%93ng%20b%C3%A9o%20b%E1%BB%9F%20h%E1%BA%ADu%20chia%20tay%20H%E1%BB%93ng%20Thanh%3A%20B%E1%BB%8B%20tung%20c.l.ip%20b%E1%BB%8Bt%20m%E1%BB%93m%3F%20-%20Newsmoi24h&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=newsmoi24h.com&cs=PTO_MB&cm=&cc=&_u=YADAAEABAAAAACAAI~&jid=636852546&gjid=1583664426&cid=354379157.1701721477&tid=UA-206083988-2&_gid=1612259780.1701721482&_r=1&_slc=1&z=459962214

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsmoi24h.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsmoi24h.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 7ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=484071371&t=event&_s=2&dl=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ul=en-us&de=UTF-8&dt=DJ%20Mie%20b%E1%BA%A5t%20ng%E1%BB%9D%20c%C3%B3%20h%E1%BB%A3p%20%C4%91%E1%BB%93ng%20b%C3%A9o%20b%E1%BB%9F%20h%E1%BA%ADu%20chia%20tay%20H%E1%BB%93ng%20Thanh%3A%20B%E1%BB%8B%20tung%20c.l.ip%20b%E1%BB%8Bt%20m%E1%BB%93m%3F%20-%20Newsmoi24h&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=newsmoi24h.com&cs=PTO_MB&cm=&cc=&ec=newsmoi24h.com&ea=PTO_MB&el=google-ads&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=354379157.1701721477&tid=UA-206083988-2&_gid=1612259780.1701721482&z=226764645

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 19:26:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3522
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 7ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=484071371&t=event&_s=3&dl=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ul=en-us&de=UTF-8&dt=DJ%20Mie%20b%E1%BA%A5t%20ng%E1%BB%9D%20c%C3%B3%20h%E1%BB%A3p%20%C4%91%E1%BB%93ng%20b%C3%A9o%20b%E1%BB%9F%20h%E1%BA%ADu%20chia%20tay%20H%E1%BB%93ng%20Thanh%3A%20B%E1%BB%8B%20tung%20c.l.ip%20b%E1%BB%8Bt%20m%E1%BB%93m%3F%20-%20Newsmoi24h&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=newsmoi24h.com&cs=PTO_MB&cm=&cc=&ec=newsmoi24h.com&ea=PTO_MB&el=google-ads&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=354379157.1701721477&tid=UA-206083988-2&_gid=1612259780.1701721482&z=2136439599

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 19:26:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3522
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ Frame 7904 398 KB
135 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=newsmoi24h.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28aa1fdfa11edd297d99adb46c782287f8ae4f4f5ec2ceee3f145252ec1228e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137670
x-xss-protection: 0
server: cafe
etag: 5677443492376406269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:42 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9FFF 153 KB
26 KB 652ms
651ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=480832095&lmt=1701721482&plaf=1%3A2%2C2%3A2&plat=1%3A128%2C2%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482186&bpp=7&bdt=86&idt=172&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&nras=1&correlator=3125074850772&frm=23&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=611249942&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079865%2C42532523%2C44807406%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1143667814548548&tmod=358804787&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.vosjmp9glhfk&fsb=1&dtd=182

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d351c9ee0a5a4e73582e31a3d3a8432f0a952ee396dc5cea4c5f18e28a07e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 26714
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7904 16 KB
12 KB 58ms
58ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231130&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7670e56b1db7c758ad70fd115508d59816ec2912d4e0e6e7bc57466a1eb3071f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12088
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ED8D 136 KB
45 KB 1456ms
1456ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=800&slotname=9217757340&adk=205261170&adf=2751417942&pi=t.ma~as.9217757340&w=400&lmt=1701721482&format=400x800&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482193&bpp=1&bdt=93&idt=182&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=611249942&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=200&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079865%2C42532523%2C44807406%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1143667814548548&tmod=358804787&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.gmqjc4jewi00&fsb=1&dtd=186

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8183c453233c51165f711954aa6338f5252b0adee8803b6831c72e860ecab99f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46389
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A953 155 KB
52 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Requested by

Host: server.zmedia.vn
URL: https://server.zmedia.vn/static/template-v2/passback_mobileinpage/newsmoi24h.com-passback-mobileinpage.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86478477db1719587594c77bc8237f1c63c42ef43bc42cc13a0bb703dc5e7466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53141
x-xss-protection: 0
server: cafe
etag: 10139878119198891098
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:42 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
52 KB 114ms
114ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Requested by

Host: aj1559.online
URL: https://aj1559.online/ba298f04.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d13df09971c4b14ec956843d7d49207f895970f9a1ac3e11db54644e2b291d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Origin: https://newsmoi24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53143
x-xss-protection: 0
server: cafe
etag: 4447967987719724263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:42 GMT

GET
H/1.1 200 z6VGBCKezAdpER8qCMvl0e86dSdDpm0Xz92asAlTi3-zBjI2FCM4Eo16me65rPNltJ-R_sh3ls4oEVXq4i2uG1lXGAlBo25xugydvxY71f4uQRppcHK-YteZB22BTb65YU154jkCSRmrc73hsIaM9GzTMffVLw-LSaoV8PMFJk6XTefiopH_ILdRhCLqkCLMMRdbb...
aj1559.online/ 49 B
512 B 93ms
92ms Image
image/gif 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/z6VGBCKezAdpER8qCMvl0e86dSdDpm0Xz92asAlTi3-zBjI2FCM4Eo16me65rPNltJ-R_sh3ls4oEVXq4i2uG1lXGAlBo25xugydvxY71f4uQRppcHK-YteZB22BTb65YU154jkCSRmrc73hsIaM9GzTMffVLw-LSaoV8PMFJk6XTefiopH_ILdRhCLqkCLMMRdbbAwYSq-cPPRY9i4BJbOejur89eJUAmKWICZYcUkxvc1jSzz4apzSLrQDdYHwDodFdQjItG2NqoDFmsxJ4S_fv-UxpesKl9ya7f-QZYIlJqK8fd_odAx2bzPd-EuJfsrYEcIk9IkTpXraCbblzX1q7vuGoGrKPHCJLaydnvoYSOjKjtChTd7Z5jf4rqhM18SfTUK0RZAQDj-uVIeDY?DC=DO
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:41 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 367E 624 B
242 B 55ms
54ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYpq39xAEwAQ&v=APEucNWfjJD1S5oCPm9PQQ54-tb4XF9H7kQF5Gd5LrKPNnwzXfyAcgarglJ5obk1oXL3v1unzaVVPQro3UUtT2ZffwYR14i0o91loX-Or_S9zLAZqPz5P2F5qXd149RNrAnJLR0SoS7IjtaE5-m0NYq0QHXtfrbJsLO3IJBCZ8gjSTDi3KdS7Rw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=600&slotname=2968824013&adk=2865839403&adf=1828760783&pi=t.ma~as.2968824013&w=260&fwrn=4&fwrnh=100&lmt=1701721481&rafmt=1&format=260x600&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481791&bpp=2&bdt=4754&idt=2&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280%2C820x280%2C188x600%2C188x600&nras=3&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&psts=AOrYGsk8JUiJj_P0iqJLMVF-0y7C__ckmJ_cc3IOrB0_yu8LWrZ4cuZI2nBPBZtqqH9ATbkFhm4m5XFXmBZnze0m2zwApw%2CAOrYGsmlSL7I_E5jL59SyNgUKnej1nCFdNGMF0miH1BTV-V-VguVSASOjnBPvZQqPS2iyglkyjK7wtWwjvew6ohmc-7Ksqe7%2CAOrYGskq9Uo9f1KWxV-4snPG4CYXc54J4k5IrwESXrpeZZPhVYXJsQfXnyJLZpgp7mDkyR8NNdhR75Pg7GcI05NNRLoRShQa%2CAOrYGsmmYSxmq2YHQt7rZgkxgufgYoibLbyj_b-pGey1h4-2i5OhszeBHmKadaE66hN3xhL5JCZbV2rYdD5xPkJUY6SyNg%2CAOrYGskdaPK2_tYeKXYhSuhQwNu5VdFQaENZI-p1bMNtB7HD9kKRlAdNNwe6lhHmcqgQWAM2TSL1zbS0fN2Xqw69iEKDpA%2CAOrYGsmAu8Tp3-qm8VNEjmsHWXNuIG1FfLUAdbHKrERtEMXEbeEulbkl56YBs-6fH2gGtRGHECPAZBhjf4XTxZpybLcsjGaYJiuboh2mo9o%2CAOrYGsk-1AyJIDnwXIKls15FhOHNgEBC0ro3Nz8MYPLjmR7oK3AqVpy0Gbp79gDpFSlLymd5ytycHYTaS5iaJlPRhV2q5cCZBtVVhidCMc4&pvsid=28292592341068&tmod=1979323982&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=600&slotname=2968824013&adk=2865839403&adf=1828760783&pi=t.ma~as.2968824013&w=260&fwrn=4&fwrnh=100&lmt=1701721481&rafmt=1&format=260x600&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481791&bpp=2&bdt=4754&idt=2&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280%2C820x280%2C188x600%2C188x600&nras=3&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&psts=AOrYGsk8JUiJj_P0iqJLMVF-0y7C__ckmJ_cc3IOrB0_yu8LWrZ4cuZI2nBPBZtqqH9ATbkFhm4m5XFXmBZnze0m2zwApw%2CAOrYGsmlSL7I_E5jL59SyNgUKnej1nCFdNGMF0miH1BTV-V-VguVSASOjnBPvZQqPS2iyglkyjK7wtWwjvew6ohmc-7Ksqe7%2CAOrYGskq9Uo9f1KWxV-4snPG4CYXc54J4k5IrwESXrpeZZPhVYXJsQfXnyJLZpgp7mDkyR8NNdhR75Pg7GcI05NNRLoRShQa%2CAOrYGsmmYSxmq2YHQt7rZgkxgufgYoibLbyj_b-pGey1h4-2i5OhszeBHmKadaE66hN3xhL5JCZbV2rYdD5xPkJUY6SyNg%2CAOrYGskdaPK2_tYeKXYhSuhQwNu5VdFQaENZI-p1bMNtB7HD9kKRlAdNNwe6lhHmcqgQWAM2TSL1zbS0fN2Xqw69iEKDpA%2CAOrYGsmAu8Tp3-qm8VNEjmsHWXNuIG1FfLUAdbHKrERtEMXEbeEulbkl56YBs-6fH2gGtRGHECPAZBhjf4XTxZpybLcsjGaYJiuboh2mo9o%2CAOrYGsk-1AyJIDnwXIKls15FhOHNgEBC0ro3Nz8MYPLjmR7oK3AqVpy0Gbp79gDpFSlLymd5ytycHYTaS5iaJlPRhV2q5cCZBtVVhidCMc4&pvsid=28292592341068&tmod=1979323982&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7DAA 89 KB
31 KB 127ms
126ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 7DAA 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 13:51:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 7DAA 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7DAA 0
0 15ms
14ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSksV95E-rfBS_DuMWB3Ev-h5nX0k7aPyVEa55lg1F1J01fJ7uwntarPdp9SAViYKUjHZ3Jl1t1Tl2_tMske_GmjUw2ww
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=600&slotname=2968824013&adk=2865839403&adf=1828760783&pi=t.ma~as.2968824013&w=260&fwrn=4&fwrnh=100&lmt=1701721481&rafmt=1&format=260x600&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481791&bpp=2&bdt=4754&idt=2&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280%2C820x280%2C188x600%2C188x600&nras=3&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&psts=AOrYGsk8JUiJj_P0iqJLMVF-0y7C__ckmJ_cc3IOrB0_yu8LWrZ4cuZI2nBPBZtqqH9ATbkFhm4m5XFXmBZnze0m2zwApw%2CAOrYGsmlSL7I_E5jL59SyNgUKnej1nCFdNGMF0miH1BTV-V-VguVSASOjnBPvZQqPS2iyglkyjK7wtWwjvew6ohmc-7Ksqe7%2CAOrYGskq9Uo9f1KWxV-4snPG4CYXc54J4k5IrwESXrpeZZPhVYXJsQfXnyJLZpgp7mDkyR8NNdhR75Pg7GcI05NNRLoRShQa%2CAOrYGsmmYSxmq2YHQt7rZgkxgufgYoibLbyj_b-pGey1h4-2i5OhszeBHmKadaE66hN3xhL5JCZbV2rYdD5xPkJUY6SyNg%2CAOrYGskdaPK2_tYeKXYhSuhQwNu5VdFQaENZI-p1bMNtB7HD9kKRlAdNNwe6lhHmcqgQWAM2TSL1zbS0fN2Xqw69iEKDpA%2CAOrYGsmAu8Tp3-qm8VNEjmsHWXNuIG1FfLUAdbHKrERtEMXEbeEulbkl56YBs-6fH2gGtRGHECPAZBhjf4XTxZpybLcsjGaYJiuboh2mo9o%2CAOrYGsk-1AyJIDnwXIKls15FhOHNgEBC0ro3Nz8MYPLjmR7oK3AqVpy0Gbp79gDpFSlLymd5ytycHYTaS5iaJlPRhV2q5cCZBtVVhidCMc4&pvsid=28292592341068&tmod=1979323982&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DAA 202 KB
64 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DAA 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DtYRYrTvblL53koA56EDoy1HH9v7pkDvqo8rjy391hScVlt1_cHY9Q7emuqGQbiRfMkS0Wcb2Jx5YjtlCoDOlm5LHeLcENSDfPYVRTQH-Dy8Rj1uo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DAA 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1814852997444576810&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7904 17 KB
6 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 20:24:42 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 367E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB2uwIF4pETlxH9Ly-BhOZw&google_cver=1

43 B
339 B

24ms
24ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB2uwIF4pETlxH9Ly-BhOZw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYpq39xAEwAQ&v=APEucNWfjJD1S5oCPm9PQQ54-tb4XF9H7kQF5Gd5LrKPNnwzXfyAcgarglJ5obk1oXL3v1unzaVVPQro3UUtT2ZffwYR14i0o91loX-Or_S9zLAZqPz5P2F5qXd149RNrAnJLR0SoS7IjtaE5-m0NYq0QHXtfrbJsLO3IJBCZ8gjSTDi3KdS7Rw
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNNbBsRoUCDh3Q3kY1%2FGXpuwLQldbZL72WtSe1%2F4s7kdRVyaEdrV49a2w2SM2BOF8%2B0LqfRQ7accK87jXKGHwvfu1uH4CBx%2FCUX7Mv2z369ebLEaqfA%2F5D0d5lhFy6nDZmrGR8M9y20f8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8306c641e8533686-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB2uwIF4pETlxH9Ly-BhOZw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 367E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW41iuYu5JAqJG5FdoOIBQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB2uwIF4pETlxH9Ly-BhOZw&google_cver=1

43 B
766 B

49ms
49ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB2uwIF4pETlxH9Ly-BhOZw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYpq39xAEwAQ&v=APEucNWfjJD1S5oCPm9PQQ54-tb4XF9H7kQF5Gd5LrKPNnwzXfyAcgarglJ5obk1oXL3v1unzaVVPQro3UUtT2ZffwYR14i0o91loX-Or_S9zLAZqPz5P2F5qXd149RNrAnJLR0SoS7IjtaE5-m0NYq0QHXtfrbJsLO3IJBCZ8gjSTDi3KdS7Rw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVP6VhRDs678VFSgbRrQR7cKyDYEtn0l1Ii%2B2Gq45DDab1oWZVYJ2cRbHL85e4emcnuMo3sNMgBK1SdC8s7BI%2BGaiMtqiyPcm4NZZsdu%2B8A4yCP9Ye2c6%2F79iAnwcXixH41n5CIYLnEIqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8306c6422b04bbc1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB2uwIF4pETlxH9Ly-BhOZw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 367E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOPcd2qQNLwEfiNT4yknSps&google_cver=1

43 B
834 B

37ms
36ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOPcd2qQNLwEfiNT4yknSps&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYpq39xAEwAQ&v=APEucNWfjJD1S5oCPm9PQQ54-tb4XF9H7kQF5Gd5LrKPNnwzXfyAcgarglJ5obk1oXL3v1unzaVVPQro3UUtT2ZffwYR14i0o91loX-Or_S9zLAZqPz5P2F5qXd149RNrAnJLR0SoS7IjtaE5-m0NYq0QHXtfrbJsLO3IJBCZ8gjSTDi3KdS7Rw

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
an-x-request-uuid: 5e630acd-2cdc-484a-b78a-eccca15ba940
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.202; 80.255.10.202; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOPcd2qQNLwEfiNT4yknSps&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 367E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0NDQxMTMyMjQ0NzQ4NDIwNg%3D%3D

170 B
243 B

18ms
17ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0NDQxMTMyMjQ0NzQ4NDIwNg%3D%3D

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
an-x-request-uuid: 6d31d1cf-2c26-4c65-b854-e019826cdfc0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0NDQxMTMyMjQ0NzQ4NDIwNg%3D%3D
x-proxy-origin: 80.255.10.202; 80.255.10.202; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1B83 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 14:59:11 GMT
expires: Tue, 03 Dec 2024 14:59:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 11F3 829 B
560 B 18ms
17ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a4660d41501170b9554d6e9929816eeb5716bb6feb4895b82e6f99f2792ccede

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F11ezV2DyB-fBJZhlOpQig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-F11ezV2DyB-fBJZhlOpQig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:42 GMT
expires: Mon, 04 Dec 2023 20:24:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ Frame A953 398 KB
135 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=newsmoi24h.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db321450e4f40e971f437d92f1319b16ad3d78a653aaa2283b96e356096706f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137674
x-xss-protection: 0
server: cafe
etag: 10518415025208744757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:42 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DAA 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1176457330292&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DAA 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1176457330292&version=m202309260101&ct=76&x=1&cor=1814852997444576800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7DAA 108 KB
41 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ag5FJfap4VEzgCWwaYydz3bsZ08CMXqbxCXmV1A7cni5i6aPej1MMdqCMSpZp9fZu1sWbbFf8Yz3XxfWChtPY5AOLsjU6y7piiu28yxS5LBiqFijZPM-jRfSXWKuw6P990lv70pWPeyoaLWeUOjzK1ryx6loZlK-NKLTiFR7v20rmSMF8&dbm_d=AKAmf-ALSxp--LWZgUPxjNwUFYYod2-xRieeDy8T5ycL7SsJAs_FWSrUZHMRZMJ96KgZXdOJS6gSBslpKc_1qGNNXEituzuZcHQCY146Zd7MVTztf7-MCDve3b774WgznerDU0mly_5YEMpFyp5c6G3eJ-ZFFgZRJVphMoVw6nvyzBOl62WqVBfYrGcvyk3xZRjK0FMD51nGtl0SoA_gx8MpHaf5_w4DVOJL8b0F0Q4VZ21nCEuwC3GbvrsZWI0sCqnq3gGrVC2c8o04tRh22QJfUTWq5kvBWFpa0CZgNuav5i_2SxKF2uZARbw_z6SGak_JL6gFoktBVdlhvY91Wvi2KMxEMXBfXoPa3EuvawuNLIwQpBpUgRIWOBg7-xafMUT6X5JvnNB-mDJ1IeE2oN6l-6qEn7Xg-bBBaxoHlIO_UeaGTyw76tHHGZjPPmIxBr5P3wdsx5t__YK5PraMfAzOt7WxkHXLu3lHedsHORkPL9ik7S-3UApOnZrOqbccN6RMNiZclr4I31LNca5Z7bqbsGm8lamT2Iycl9YOKQb5Ag0gBWz19GfV1sjkLsq7Kd-xn8KOnja2Pt0_Fbe-G7Z8PL3K8GhVva-FpsTluDYceM8Hc6VMQdBkPljt7BJ0F1X8qot_XvmXr8s6iYsCDnhMHv9HChIrto8_4_n-WkvRi2sLdPhR2uvUeQjJJuGnuakK8zQj-KMrLxcOlqUGunn5ZakQu4-UUqvtJ6LTnRkzE6r_s8y3KP_us-0CJtnKEndHYIDoXQ02PRrsfBCbRCvf9Zb-K4HJOMPVeON6qREZTVN4SYEhnRV2-2Hbk1_42ZJMe88DdiAaF36h0do0ybN1AawZWBpBXUygk3Cuxik4NKkvymxhEdTYd--UQF0uyvDfehC2EblvGb7Bf4C_5c0OpKP9vAOTDPRp3K14szqTfUs_Y2SFfogWAG4RCnl7PGJMM1yLmN1RAlaJ4sI8yrmmuQ21x-HOiRLVyq36gXBwJVdBSYcrOHSk8TrBRCQ9NJ05uZ--DghUZEUPa_CLbWsi3YPq-ulT-Z09FenIjzCMKJ5MIPEV4-tM47qSdHWQFTBqJQ40OR-caK5-OHQhJTRZzJmjPf4uI_h0TzAhDbKUv7cpczafywg3AhXCGGFAljUPDYRuZYOITrrScWKoOBUbiHabZrrQFDQ9IG8WwWnSnka4OLUH4h8H-xZnjZ108OKtZRlle9n4uvYToWLvfsuial2mxBul7cH1WzhaDxiOWfJHHpC78Y0uGiTrRvvxBTvFP0wja1s4lx0rgX54lqcgO3egHXo4AholGQ8pKFp8oox7HUcavVj7uDzg2NxCuLzAHbxFnG1ZY7vGL4kqVO4sBGK0MAZE9ZOegUA6TmvvcNcOBomE24SQrA2rSCTkqMT1ZCctoA-ulGoStF5OdEAtuk63PxLjVO-jnmBowdVxlOuKZQvm8vLQY0OLuNwAI6lF_jAECI1msPm_e6plOYqrzokq2kaWqDbrUI3uPeizUvLJv1sBZwtwibdUz63ZOIt7QRJDkGrahPjgfA9fk32Nz7vJO3543D5lP58qzXqm_Idgup7BdYS1yx49Vf6ccswoCgrv4KQbp_lwHTFobF_2HUW9EnozfVpve3dKjIDC0lmsMC_X9I1-Nv0gjzdLdczYB06ZxdA5t8gufU3BuL_JoB3CHXgetAcYhVJYmgdV7Tgt1pWqTU4qoheLOJEbEq2Vp9fMgWTe2e5pJsEsTBOIStK19vTkgvmrcGLZOSiYFmPIXYGkoB5wd1x00T_vmx8nvhI3EVbM6hbQZc_P1b-Tlt7kCRF4jxvNEkvvitA3bwlq1nxvBDmFBPTM4s72bEjGZ_apCzl3XWxUKY6rrW8kX0U9NL1k12HY4qoA1e7gvbnxNLckMgstzgC8eAInytOn_t8TfvjttkxFEcWZWu725cazhBXYUBPtnPciu58Om-VKTr85PNHwC4kZBZsm6O4253n59K649qy-FKOI5zJVQVxAomvBHvqMsasPHnYI61d8PhznXxpY-J4RIroLDQ8xcvThQPjeGLU5KZGHCDnxdu58itzlsS-cMli0ZXsR-3j6FjI_hCx49rCPxBpqFieWkeWxW7tIUJpawctmDK9nPCBuSbsxG8caEIBUbs2QqrLCOFLKKfEa-JTyujEAS2Xt-KNDVDBVtJW-5-3q5ccqF7A5kSVadoOfPQyucwuByAgkx2sZn5ErPyux4apBbgm4ITt88yUqE6eXQqluDTKLCz4z2A8qRlhWs4Zg6Uj6ItIqVs4kthLLr2raYE8DBV8pZoIfDpy1uFSIIRy2uR1FHkaXp-kwPWXfVTFLMiBmY3U3vOc65FXVcEsAF8frsGbSahi4lCWoaKJgAVi9XBoTMkCRzu8ov_AEVzYdSDtVbrjV90wm3lTFrvW0oHKgML7MzmGkNBd2zeSYMDH6SkWBUlI3y1f_vjCxcl-7B5GimCDDqnwYS9e2svoLRcShlk7I-h5f-94UEo8D6r1bBEwNuDVCDGPZemmuvo4Twpg178VXmjUtVMxIv74WuqqoKV0JOEyWoDO2WYa6_EJcPXNjU9vcVptlfIQs4jvJmWjEboQMGSUXj2R7RZXgSnCTD_sPopyNVlIGlXncyDgiEb7dBEwNU_E3rKt1g4x4MFB9FDLOkt7gq0UavSNDha-hX9w8-jlK2YLUQzm4ItTTqgrWgVsuYE4JRiVucW6jLOc6m4b8BBZI7u-W3-qJvwD2nOxJR-EvsS7j02VBUaqvNEW7DayM6fIizfKiS59o4mV51Z59w3aUegsaevE2NgmLJDeDwZC7TyIjIDwMvDfCSdPPITyYGYJ1Ol2QPpdGFHD5jGXhWAN3pVyti53GS4prD7RDFcXsIh0VJWQKSvLr3jH15TgvBg-7Kr5nyJqSzXPVxE_HkvjKsodEwh4VKFxrab48iSHMR3b038H1UB4Fe2wxAbMwqdhiAw4BV-Lzj1R_p_1wKy2R7lmTW_0co6oNJ3APS_k_CVjKF9ZwWRuqQ1YViTF51H9qdJZ_wgpVk3cWHFh6gkFwDCj43Hs7MN-cu2BdTG9rCQRMyQ2LURWScJhbBN8udqp1kjdAaQO_5i30ZTmkek0HZceYSvHl8NOL9_ktEmoz1LVd1_Bl8l4FmcNpI0NINfKSjlwacevZ-HFVOtZgjRXu-v-BTOTunGOdkiwJ314_pnkBWxg_FUUJpcEsUWtUOQoaVCGCksODYCRsmhxAFO3eU4nuxGHy6qV6XcTdk16785KQYdcX68NZKBmCiVbB6JuB8oz-viteTyIi9BDL87pbXKZbK6nbzRNY6Rzr_mdeqiJooV2azbLJ2e8Nn9IMn2N9K7MLEtZDexvzPtWOUhy98Kr-3PcpZDvi0R4_Kdl9iPtONStRzgfJ_GmIrybtWU47ZEqmIkTklw9TL_fvSQs2gvqPqqR0x1KzyZ000lwgAAhJK9_kZywLfz35f9-dFgZs9PbV-maRi9X9sevGUgL_qW0_ZPF5OsgzTBOzQ3nPvpXia-dhsN-CQmLvgxw8QgY14jB8LSffX3rCeAopGhwu3P-xSAsHeU8woPYJCZl0fgTcXDrmecEYUiarE9mHxQ4aWsML82xLw1k6Yw5aTx8PX6f78tMqtTHJbask3kmo9hYJRF1ackuygJhjP9ZXUbwWmsVKwUmDMw3G3emJPhAF4fT4qBdRM51pBeaCBrqu8Qlmx3pNJRaqyUuBQVab_zSsCywS3eGBp0HncdHSnkH822QL4GOEUigGOrk68vb6Y5yvhn6xQmaLxIf-k78AbXgbrTr5Bs_haYTSwFd9hhrMK2FQR0hTDNkcDCQAx5-9b3nB2luhEqmtj0mANIqWjauJIfneY6ncj0nkqFeWR1_8zhRxZLmbdMtQqxnImJAPalWtQoB3X95J8Q4xGg4udARRr2KGXS6emKqJTY1OnxRVL1fCIfkBqU2tt8D9_PuYYX-10TbhY4-Tj4azTf41CIQ2RHlTDdERGK--bHNOb5VUFMuQkVX41ErpWb-xED3Pm9O34bQKwcShZJoflV8deWPorKTzAZAKCYusTXqvfRjhuzoY_lklephzSTHCUPTkLOEBpTZcWvM8wjY1AEkTehBsmIIsIWmU_7vh-Raf0K7-4MhthOJqExBNyTFqAsMBss_0&cid=CAQSOwDICaaNU0D06uA_NYqTXQESdWJmVz7cEiTtWgxhNvnm54td4jNf-3VS9eTBN99voNyCKzIy9iobp5W6GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnewsmoi24h.com%2F&ds=l&xdt=1&iif=1&cor=1814852997444576800&adk=2935317967&idt=133&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f228f2615014423a167fc9589898895237094e70c8144b0a0cfc8ccfd4f0b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=600&slotname=2968824013&adk=2865839403&adf=1828760783&pi=t.ma~as.2968824013&w=260&fwrn=4&fwrnh=100&lmt=1701721481&rafmt=1&format=260x600&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481791&bpp=2&bdt=4754&idt=2&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280%2C820x280%2C188x600%2C188x600&nras=3&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&psts=AOrYGsk8JUiJj_P0iqJLMVF-0y7C__ckmJ_cc3IOrB0_yu8LWrZ4cuZI2nBPBZtqqH9ATbkFhm4m5XFXmBZnze0m2zwApw%2CAOrYGsmlSL7I_E5jL59SyNgUKnej1nCFdNGMF0miH1BTV-V-VguVSASOjnBPvZQqPS2iyglkyjK7wtWwjvew6ohmc-7Ksqe7%2CAOrYGskq9Uo9f1KWxV-4snPG4CYXc54J4k5IrwESXrpeZZPhVYXJsQfXnyJLZpgp7mDkyR8NNdhR75Pg7GcI05NNRLoRShQa%2CAOrYGsmmYSxmq2YHQt7rZgkxgufgYoibLbyj_b-pGey1h4-2i5OhszeBHmKadaE66hN3xhL5JCZbV2rYdD5xPkJUY6SyNg%2CAOrYGskdaPK2_tYeKXYhSuhQwNu5VdFQaENZI-p1bMNtB7HD9kKRlAdNNwe6lhHmcqgQWAM2TSL1zbS0fN2Xqw69iEKDpA%2CAOrYGsmAu8Tp3-qm8VNEjmsHWXNuIG1FfLUAdbHKrERtEMXEbeEulbkl56YBs-6fH2gGtRGHECPAZBhjf4XTxZpybLcsjGaYJiuboh2mo9o%2CAOrYGsk-1AyJIDnwXIKls15FhOHNgEBC0ro3Nz8MYPLjmR7oK3AqVpy0Gbp79gDpFSlLymd5ytycHYTaS5iaJlPRhV2q5cCZBtVVhidCMc4&pvsid=28292592341068&tmod=1979323982&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 zzVTO9jiNyXeKkopX3zeRJ8RHWRgPtHtz6BGoAPeJDWAGnKfuEZQMlIr-NhitPTQcyju3V4DSonC12bBsbaTuaN-tG-GIK1yRS66LMooTkCbTtn-uCbvclRVTPx1T1rbKm-tSN9hZL3fS1oUvqPI6CsRlCUP8ap7GgSlIdx1x9-TQukcOpatZjWQHvTf7a0Ho6krj...
aj1559.online/ 49 B
512 B 94ms
93ms Image
image/gif 212.124.124.8
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/zzVTO9jiNyXeKkopX3zeRJ8RHWRgPtHtz6BGoAPeJDWAGnKfuEZQMlIr-NhitPTQcyju3V4DSonC12bBsbaTuaN-tG-GIK1yRS66LMooTkCbTtn-uCbvclRVTPx1T1rbKm-tSN9hZL3fS1oUvqPI6CsRlCUP8ap7GgSlIdx1x9-TQukcOpatZjWQHvTf7a0Ho6krjDiLbH7Vjrphb_ygQnGgcq0-NIRfnnKaHSfRnCCiy4-x1s4y_7bD_1sMVFIR3hJsiSOcwFxNrmHWR4ESaSD_e0LV1w87ufWcjDtvhqXw7SS1UYYpQMzbFHYt5c3iVhX0QFWEP22DMYjS0TFvVir5Z-QZ2URiY03ce36h9XkW97xnzbL_PJZw6tFq58SDMRI-QEdy2GbsaVB7C5bgv?DC=DO
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.8 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:41 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 35C9 14 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=100&slotname=6591594008&adk=3645781967&adf=3279755404&pi=t.ma~as.6591594008&w=400&lmt=1701721481&format=400x100&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481741&bpp=1&bdt=94&idt=185&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=804490982&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=1100&biw=1600&bih=1200&isw=1600&ish=100&ifk=4239599670&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079606%2C31079825%2C31079866%2C44795921%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3235045661876211&tmod=1022428475&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.juubdhgxlk5n&fsb=1&dtd=190

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 20:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 19:24:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 20:24:42 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 35C9 2 KB
831 B 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 12:24:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 35C9 24 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28873
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 12:23:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 35C9 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 13:51:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 35C9 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 35C9 0
0 17ms
17ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4ccs75kJDTKpGqA7kufMB_fy_L8CcZWHuzKLgqe6AKe7tvg6FxQqq61e1bAyizveK8lnKrNPduC1vQdaINJDAfHSHzg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=100&slotname=6591594008&adk=3645781967&adf=3279755404&pi=t.ma~as.6591594008&w=400&lmt=1701721481&format=400x100&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481741&bpp=1&bdt=94&idt=185&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=804490982&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=1100&biw=1600&bih=1200&isw=1600&ish=100&ifk=4239599670&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079606%2C31079825%2C31079866%2C44795921%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3235045661876211&tmod=1022428475&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.juubdhgxlk5n&fsb=1&dtd=190
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 35C9 202 KB
64 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:42 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 35C9 37 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 21:48:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 11F3 0
0 42ms
41ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231130&jk=1143667814548548&rc=
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DD0E 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Tue, 05 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D42D 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=100&eid=44759875%2C44759926%2C44759837%2C31079606%2C31079825%2C31079866%2C44795921%2C44807764%2C44808148%2C44808285%2C44809072&hl=vi&pvc=3235045661876211

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 18337706635704523187
tpc.googlesyndication.com/simgad/ Frame 35C9 4 KB
4 KB 8ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18337706635704523187?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23036658725405b74ec18faff686a81a4a4a6fdcf886a3ed9954c133d08f349e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:52:09 GMT
x-content-type-options: nosniff
age: 171153
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4515
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 13:18:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 20:52:09 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B83 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:45:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 17:45:17 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/987057/61527764/ Frame 7DAA 256 KB
77 KB 104ms
32ms Script
application/javascript 54.78.201.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/987057/61527764/skeleton.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-3619133031508264&ias_chanId=1&ias_placementId=20343401207&bidurl=https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hV1RASkY790cTiFW61HNAx
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.201.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-201-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dfff719121416860b3750df6d256891c258e27731f2a12389791f91d63fe0f68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7DAA 111 KB
39 KB 42ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 19:51:26 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 7DAA 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ag5FJfap4VEzgCWwaYydz3bsZ08CMXqbxCXmV1A7cni5i6aPej1MMdqCMSpZp9fZu1sWbbFf8Yz3XxfWChtPY5AOLsjU6y7piiu28yxS5LBiqFijZPM-jRfSXWKuw6P990lv70pWPeyoaLWeUOjzK1ryx6loZlK-NKLTiFR7v20rmSMF8&dbm_d=AKAmf-ALSxp--LWZgUPxjNwUFYYod2-xRieeDy8T5ycL7SsJAs_FWSrUZHMRZMJ96KgZXdOJS6gSBslpKc_1qGNNXEituzuZcHQCY146Zd7MVTztf7-MCDve3b774WgznerDU0mly_5YEMpFyp5c6G3eJ-ZFFgZRJVphMoVw6nvyzBOl62WqVBfYrGcvyk3xZRjK0FMD51nGtl0SoA_gx8MpHaf5_w4DVOJL8b0F0Q4VZ21nCEuwC3GbvrsZWI0sCqnq3gGrVC2c8o04tRh22QJfUTWq5kvBWFpa0CZgNuav5i_2SxKF2uZARbw_z6SGak_JL6gFoktBVdlhvY91Wvi2KMxEMXBfXoPa3EuvawuNLIwQpBpUgRIWOBg7-xafMUT6X5JvnNB-mDJ1IeE2oN6l-6qEn7Xg-bBBaxoHlIO_UeaGTyw76tHHGZjPPmIxBr5P3wdsx5t__YK5PraMfAzOt7WxkHXLu3lHedsHORkPL9ik7S-3UApOnZrOqbccN6RMNiZclr4I31LNca5Z7bqbsGm8lamT2Iycl9YOKQb5Ag0gBWz19GfV1sjkLsq7Kd-xn8KOnja2Pt0_Fbe-G7Z8PL3K8GhVva-FpsTluDYceM8Hc6VMQdBkPljt7BJ0F1X8qot_XvmXr8s6iYsCDnhMHv9HChIrto8_4_n-WkvRi2sLdPhR2uvUeQjJJuGnuakK8zQj-KMrLxcOlqUGunn5ZakQu4-UUqvtJ6LTnRkzE6r_s8y3KP_us-0CJtnKEndHYIDoXQ02PRrsfBCbRCvf9Zb-K4HJOMPVeON6qREZTVN4SYEhnRV2-2Hbk1_42ZJMe88DdiAaF36h0do0ybN1AawZWBpBXUygk3Cuxik4NKkvymxhEdTYd--UQF0uyvDfehC2EblvGb7Bf4C_5c0OpKP9vAOTDPRp3K14szqTfUs_Y2SFfogWAG4RCnl7PGJMM1yLmN1RAlaJ4sI8yrmmuQ21x-HOiRLVyq36gXBwJVdBSYcrOHSk8TrBRCQ9NJ05uZ--DghUZEUPa_CLbWsi3YPq-ulT-Z09FenIjzCMKJ5MIPEV4-tM47qSdHWQFTBqJQ40OR-caK5-OHQhJTRZzJmjPf4uI_h0TzAhDbKUv7cpczafywg3AhXCGGFAljUPDYRuZYOITrrScWKoOBUbiHabZrrQFDQ9IG8WwWnSnka4OLUH4h8H-xZnjZ108OKtZRlle9n4uvYToWLvfsuial2mxBul7cH1WzhaDxiOWfJHHpC78Y0uGiTrRvvxBTvFP0wja1s4lx0rgX54lqcgO3egHXo4AholGQ8pKFp8oox7HUcavVj7uDzg2NxCuLzAHbxFnG1ZY7vGL4kqVO4sBGK0MAZE9ZOegUA6TmvvcNcOBomE24SQrA2rSCTkqMT1ZCctoA-ulGoStF5OdEAtuk63PxLjVO-jnmBowdVxlOuKZQvm8vLQY0OLuNwAI6lF_jAECI1msPm_e6plOYqrzokq2kaWqDbrUI3uPeizUvLJv1sBZwtwibdUz63ZOIt7QRJDkGrahPjgfA9fk32Nz7vJO3543D5lP58qzXqm_Idgup7BdYS1yx49Vf6ccswoCgrv4KQbp_lwHTFobF_2HUW9EnozfVpve3dKjIDC0lmsMC_X9I1-Nv0gjzdLdczYB06ZxdA5t8gufU3BuL_JoB3CHXgetAcYhVJYmgdV7Tgt1pWqTU4qoheLOJEbEq2Vp9fMgWTe2e5pJsEsTBOIStK19vTkgvmrcGLZOSiYFmPIXYGkoB5wd1x00T_vmx8nvhI3EVbM6hbQZc_P1b-Tlt7kCRF4jxvNEkvvitA3bwlq1nxvBDmFBPTM4s72bEjGZ_apCzl3XWxUKY6rrW8kX0U9NL1k12HY4qoA1e7gvbnxNLckMgstzgC8eAInytOn_t8TfvjttkxFEcWZWu725cazhBXYUBPtnPciu58Om-VKTr85PNHwC4kZBZsm6O4253n59K649qy-FKOI5zJVQVxAomvBHvqMsasPHnYI61d8PhznXxpY-J4RIroLDQ8xcvThQPjeGLU5KZGHCDnxdu58itzlsS-cMli0ZXsR-3j6FjI_hCx49rCPxBpqFieWkeWxW7tIUJpawctmDK9nPCBuSbsxG8caEIBUbs2QqrLCOFLKKfEa-JTyujEAS2Xt-KNDVDBVtJW-5-3q5ccqF7A5kSVadoOfPQyucwuByAgkx2sZn5ErPyux4apBbgm4ITt88yUqE6eXQqluDTKLCz4z2A8qRlhWs4Zg6Uj6ItIqVs4kthLLr2raYE8DBV8pZoIfDpy1uFSIIRy2uR1FHkaXp-kwPWXfVTFLMiBmY3U3vOc65FXVcEsAF8frsGbSahi4lCWoaKJgAVi9XBoTMkCRzu8ov_AEVzYdSDtVbrjV90wm3lTFrvW0oHKgML7MzmGkNBd2zeSYMDH6SkWBUlI3y1f_vjCxcl-7B5GimCDDqnwYS9e2svoLRcShlk7I-h5f-94UEo8D6r1bBEwNuDVCDGPZemmuvo4Twpg178VXmjUtVMxIv74WuqqoKV0JOEyWoDO2WYa6_EJcPXNjU9vcVptlfIQs4jvJmWjEboQMGSUXj2R7RZXgSnCTD_sPopyNVlIGlXncyDgiEb7dBEwNU_E3rKt1g4x4MFB9FDLOkt7gq0UavSNDha-hX9w8-jlK2YLUQzm4ItTTqgrWgVsuYE4JRiVucW6jLOc6m4b8BBZI7u-W3-qJvwD2nOxJR-EvsS7j02VBUaqvNEW7DayM6fIizfKiS59o4mV51Z59w3aUegsaevE2NgmLJDeDwZC7TyIjIDwMvDfCSdPPITyYGYJ1Ol2QPpdGFHD5jGXhWAN3pVyti53GS4prD7RDFcXsIh0VJWQKSvLr3jH15TgvBg-7Kr5nyJqSzXPVxE_HkvjKsodEwh4VKFxrab48iSHMR3b038H1UB4Fe2wxAbMwqdhiAw4BV-Lzj1R_p_1wKy2R7lmTW_0co6oNJ3APS_k_CVjKF9ZwWRuqQ1YViTF51H9qdJZ_wgpVk3cWHFh6gkFwDCj43Hs7MN-cu2BdTG9rCQRMyQ2LURWScJhbBN8udqp1kjdAaQO_5i30ZTmkek0HZceYSvHl8NOL9_ktEmoz1LVd1_Bl8l4FmcNpI0NINfKSjlwacevZ-HFVOtZgjRXu-v-BTOTunGOdkiwJ314_pnkBWxg_FUUJpcEsUWtUOQoaVCGCksODYCRsmhxAFO3eU4nuxGHy6qV6XcTdk16785KQYdcX68NZKBmCiVbB6JuB8oz-viteTyIi9BDL87pbXKZbK6nbzRNY6Rzr_mdeqiJooV2azbLJ2e8Nn9IMn2N9K7MLEtZDexvzPtWOUhy98Kr-3PcpZDvi0R4_Kdl9iPtONStRzgfJ_GmIrybtWU47ZEqmIkTklw9TL_fvSQs2gvqPqqR0x1KzyZ000lwgAAhJK9_kZywLfz35f9-dFgZs9PbV-maRi9X9sevGUgL_qW0_ZPF5OsgzTBOzQ3nPvpXia-dhsN-CQmLvgxw8QgY14jB8LSffX3rCeAopGhwu3P-xSAsHeU8woPYJCZl0fgTcXDrmecEYUiarE9mHxQ4aWsML82xLw1k6Yw5aTx8PX6f78tMqtTHJbask3kmo9hYJRF1ackuygJhjP9ZXUbwWmsVKwUmDMw3G3emJPhAF4fT4qBdRM51pBeaCBrqu8Qlmx3pNJRaqyUuBQVab_zSsCywS3eGBp0HncdHSnkH822QL4GOEUigGOrk68vb6Y5yvhn6xQmaLxIf-k78AbXgbrTr5Bs_haYTSwFd9hhrMK2FQR0hTDNkcDCQAx5-9b3nB2luhEqmtj0mANIqWjauJIfneY6ncj0nkqFeWR1_8zhRxZLmbdMtQqxnImJAPalWtQoB3X95J8Q4xGg4udARRr2KGXS6emKqJTY1OnxRVL1fCIfkBqU2tt8D9_PuYYX-10TbhY4-Tj4azTf41CIQ2RHlTDdERGK--bHNOb5VUFMuQkVX41ErpWb-xED3Pm9O34bQKwcShZJoflV8deWPorKTzAZAKCYusTXqvfRjhuzoY_lklephzSTHCUPTkLOEBpTZcWvM8wjY1AEkTehBsmIIsIWmU_7vh-Raf0K7-4MhthOJqExBNyTFqAsMBss_0&cid=CAQSOwDICaaNU0D06uA_NYqTXQESdWJmVz7cEiTtWgxhNvnm54td4jNf-3VS9eTBN99voNyCKzIy9iobp5W6GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnewsmoi24h.com%2F&ds=l&xdt=1&iif=1&cor=1814852997444576800&adk=2935317967&idt=133&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:58:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 7DAA 31 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:51:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7DAA 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 16:17:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 65E8 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Tue, 05 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7DAA 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 504d64a2476069f995990d329a77a287b0177cd33022d9c3878b5aeee479f559

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame DD0E 35 B
463 B 42ms
9ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI6aAb8ZIwTeDMkTPbtk6to&google_cver=1&google_push=AXcoOmSuvgZHlH--Po6woiQX6hqS-Y6Y-_2F9N4nHqtp6WqV7ICDZkt4PVrktteqac8OmtcWLqXCichHApqJKnHJaOp-ETJysthGRaPB84ZDdaukEshxL75CNXNAFi8twzQ39kYgjMYaqd0jYWrOfxIFA2hj_Q

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame DD0E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESECLC0ZlslqGPw5tdr0jX9Eo&google_cver=1&google_push=AXcoOmREmCxz2TPAL25ZkZE_xL106y0Rk3h8TpIbYc_e0hyuPDebmnZMaaqNI4YGcIkrovxvcR7abTYHluRsMXQ1OxizfY01DkFrH...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECLC0ZlslqGPw5tdr0jX9Eo&google_cver=1&google_push=AXcoOmREmCxz2TPAL25ZkZE_xL106y0Rk3h8TpIbYc_e0hyuPDebmnZMaaqNI4YGcIkrovxvcR7abTYHluRsMXQ1OxizfY01DkF...

43 B
453 B

201ms
182ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECLC0ZlslqGPw5tdr0jX9Eo&google_cver=1&google_push=AXcoOmREmCxz2TPAL25ZkZE_xL106y0Rk3h8TpIbYc_e0hyuPDebmnZMaaqNI4YGcIkrovxvcR7abTYHluRsMXQ1OxizfY01DkFrHhBAPRkACjLpSBD2p5yf-KyiIenyx1rWjVMRisa3BovVHmNyjZ-PJDBC0xw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmREmCxz2TPAL25ZkZE_xL106y0Rk3h8TpIbYc_e0hyuPDebmnZMaaqNI4YGcIkrovxvcR7abTYHluRsMXQ1OxizfY01DkFrHhBAPRkACjLpSBD2p5yf-KyiIenyx1rWjVMRisa3BovVHmNyjZ-PJDBC0xw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:43 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8306c6447a101c6d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1550
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECLC0ZlslqGPw5tdr0jX9Eo&google_cver=1&google_push=AXcoOmREmCxz2TPAL25ZkZE_xL106y0Rk3h8TpIbYc_e0hyuPDebmnZMaaqNI4YGcIkrovxvcR7abTYHluRsMXQ1OxizfY01DkFrHhBAPRkACjLpSBD2p5yf-KyiIenyx1rWjVMRisa3BovVHmNyjZ-PJDBC0xw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmREmCxz2TPAL25ZkZE_xL106y0Rk3h8TpIbYc_e0hyuPDebmnZMaaqNI4YGcIkrovxvcR7abTYHluRsMXQ1OxizfY01DkFrHhBAPRkACjLpSBD2p5yf-KyiIenyx1rWjVMRisa3BovVHmNyjZ-PJDBC0xw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8306c643288d1c6d-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD0E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGsFQPd-BlN22EQvdkSi830&google_push=AXcoOmSOFCbbBxq1ukuWvLO0TK30yajw7qpaNBwF0bVNCAZaEpVTyWwxXY...

170 B
188 B

20ms
19ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGsFQPd-BlN22EQvdkSi830&google_push=AXcoOmSOFCbbBxq1ukuWvLO0TK30yajw7qpaNBwF0bVNCAZaEpVTyWwxXYJeDAAhh1A2zHkG4EsFmNXBP5ixz8YIN7mFVkgQwMnRWlCLDtir3rgbe6Dh0PvBQ_xyuOX91GY7MVgaD4_XFLPMpzDUZKytmu6e2A

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230134-FRA
pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701721483.753049,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGsFQPd-BlN22EQvdkSi830&google_push=AXcoOmSOFCbbBxq1ukuWvLO0TK30yajw7qpaNBwF0bVNCAZaEpVTyWwxXYJeDAAhh1A2zHkG4EsFmNXBP5ixz8YIN7mFVkgQwMnRWlCLDtir3rgbe6Dh0PvBQ_xyuOX91GY7MVgaD4_XFLPMpzDUZKytmu6e2A
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 451 466606.gif
id.rlcdn.com/ Frame DD0E 0
98 B 50ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQrGF1qSD_K2gx-QVijTEO8q16g-Wn2CIWYE4rmiar0kZ4JZFMXSLM7yuHuAplGWHWro4wlLyNMCJclMP0_Z12QQ9Ow410U73n3U7_2cI3O2UM-UPQgzuSZyZsgxViZrUDP37dRqJiEHokbesfNDNX7EtI&google_gid=CAESEFn8vm0pQTmMG9RBp0YYgNM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=100&slotname=6591594008&adk=3645781967&adf=3279755404&pi=t.ma~as.6591594008&w=400&lmt=1701721481&format=400x100&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481741&bpp=1&bdt=94&idt=185&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=804490982&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=1100&biw=1600&bih=1200&isw=1600&ish=100&ifk=4239599670&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079606%2C31079825%2C31079866%2C44795921%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3235045661876211&tmod=1022428475&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.juubdhgxlk5n&fsb=1&dtd=190
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame DD0E 42 B
204 B 39ms
16ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESELW5ahISjm0UU4nsSc2YD5g&google_push=AXcoOmTFDukbb_2JqGW218jFpA_XhcNbGTBGY-7pJX3tq9tvuiQ77eHB3fBhG32xlb4mwq0j4FtCG0HzU6FLJ7wPpG48rQ4b2rZlctj8GSjS7QRhdfhVHTW2_PRghXvOxHfsJC9mxQ6qUDuUG8i2KOpmgTIhfQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=100&slotname=6591594008&adk=3645781967&adf=3279755404&pi=t.ma~as.6591594008&w=400&lmt=1701721481&format=400x100&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481741&bpp=1&bdt=94&idt=185&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=804490982&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=1100&biw=1600&bih=1200&isw=1600&ish=100&ifk=4239599670&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079606%2C31079825%2C31079866%2C44795921%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3235045661876211&tmod=1022428475&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.juubdhgxlk5n&fsb=1&dtd=190
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD0E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL9LAe_63D_Gr-O9bPSQns8&google_cver=1&google_push=AXcoOmTl7EVdTZN1FRSgaOvBcTheOn0v5w_9c6uYapSpqzbPDL4cyfeD5AHZPrARXO7T1b09tLLFRUOV...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEL9LAe_63D_Gr-O9bPSQns8&google_cver=1&google_push=AXcoOmTl7EVdTZN1FRSgaOvBcTheOn0v5w_9c6uYapSpqzbPDL4cyfeD5AHZPrARXO7T1b09tLL...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA3ODA3OTIxODM2ODUxODk4NA&google_push=AXcoOmTl7EVdTZN1FRSgaOvBcTheOn0v5w_9c6uYapSpqzbPDL4cyfeD5AHZPrARXO7T1b09tLLFRU...

170 B
188 B

17ms
17ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA3ODA3OTIxODM2ODUxODk4NA&google_push=AXcoOmTl7EVdTZN1FRSgaOvBcTheOn0v5w_9c6uYapSpqzbPDL4cyfeD5AHZPrARXO7T1b09tLLFRUOVwZNBARTaCRY2rM9KWT8do5eqonfdNNW8CEPdGgK-CLIkchAoXuC9g_im1KlmjFG1LVF-YEF_wfQJgWM

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA3ODA3OTIxODM2ODUxODk4NA&google_push=AXcoOmTl7EVdTZN1FRSgaOvBcTheOn0v5w_9c6uYapSpqzbPDL4cyfeD5AHZPrARXO7T1b09tLLFRUOVwZNBARTaCRY2rM9KWT8do5eqonfdNNW8CEPdGgK-CLIkchAoXuC9g_im1KlmjFG1LVF-YEF_wfQJgWM
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame DD0E 43 B
296 B 165ms
21ms Image
image/gif 2a05:d01c:1d8:8100:9449:420b:1a77:b906
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEEqC5prAZ1Vuh6STOAuhm08&google_cver=1&google_push=AXcoOmTnuJHoOJ9MEU5-KMY7CtU8Co2R6bWtycY-Fo7m28ViVYirpIlhC65zQlnJDspTdCVMUX5h2dXDh78kRUt4O5EewExhvW4H7zaINyNUdkMUF9T1gIALybhZpzkJdqUJrodzOKqOtMGvHz5DROrYB24Wa-c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=100&slotname=6591594008&adk=3645781967&adf=3279755404&pi=t.ma~as.6591594008&w=400&lmt=1701721481&format=400x100&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481741&bpp=1&bdt=94&idt=185&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=804490982&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=1100&biw=1600&bih=1200&isw=1600&ish=100&ifk=4239599670&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079606%2C31079825%2C31079866%2C44795921%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3235045661876211&tmod=1022428475&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.juubdhgxlk5n&fsb=1&dtd=190
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:9449:420b:1a77:b906 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame DD0E 0
12 B 15ms
14ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LEb8BgYJu8i5MdS-lRciKhY4ifhdtt5ugEwOo1MCqF16RJXEr-8eFR5TkMlYIdpXue-mQh

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D42D 0
0 44ms
44ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231130&jk=3235045661876211&bg=!a2ilaCfNAAY3kmNgF5I7ADQBe5WfOC4Spo1nszwZ_IfgOGyAYOlEp3IoYyMNQbI7gQxOK4QLQE8wRxf62wbgzSn2rJejAgAAAFNSAAAAAmgBB5kC1MYGze25MJJmyl5Q5InxdpnwyynnMgPDDlMycwdMPDhkb6lliXgxJugKk1zMd3YFzL_D-X5rDCc_xl0Lg7V66G7k2yv9EdHX8z1x4TyEgpR6fcPcw4YT-5v4qx3Md8VprlhrA-VJ-px6tCdzNIHK7MaERaRITuPQXkmiYIxPG1CfTvmcHN7X9KbictZ_bM3_2MDJw7rRh6vYZ4RnuDQYVkdC7mccbTKDQTGLVv3ayu5HJjZybhGXkmFm3-GcidmtY5QHCXPGS1scpyipkeQFgguCtfknqzq-6SjxQ3WMBqFmMniS5rohk1vZ_aj1oMFkRomXXBOYQfFdprLuP8uZuVPfEwdPWWu3PI0vS69dJ8PkAm0lJn-bAd2PjTG0Oudgqpv_1tMwby_ueOmDoVjWM0DNU8H0BQuI5ESkjAgm1WgZLQKXXM1uICWigBRJ3fh0TiR0RdJhN-SZw_AobEQywGLJUHyAhBCILmU-9sQ7laHMAakGtZKydqW6zCYNU5SCAtpTeRBSJEEehidnmAqXRx0FK4YwnoXYZHmAAXyPeZ3tsEZhexiueV_C3xyOXTjar_6qWAAgWvaofgy-zxxhHznrMuyV-oZCKkM5zCNaUmnzAMYQQGZmYr3zITltEV61Yp0FKBzaYAGUJaGIhsFY96Fej9OHq82NEZGhm7qYwBl2TdfW99AKX7_SR27CFfiSOGDG8LS6tJRcSMuU3yxGMaZeZqkXqRXip03GGs6V7tcBHAvKVT7kwMsRN2GfOJYAb3gTRGsR7LwiilKBxoGDDV0-Sco8ygEBdpxmvkihSQGgw7kX_JQGRI7p8E9dxSlH0GYibxC4lcFKW7yLlIec2vRmOYxtoTz3AC7dvpZQu5rX7gmo1NMbCuWAJ-qKm0akeH9TNDDXNVTtU62zlgLI3JoI-WA1EVKU_nkmoVm3ST0crRxAbGLGxCmq09ArnbfU6Z9erAU
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 35C9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f92cee4eb3aeb8b873546b796fad159dfe9b60e65b2f1cbe38b904f79af44726

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 12B8 155 KB
27 KB 604ms
604ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=480832092&lmt=1701721482&plaf=1%3A2%2C2%3A2&plat=1%3A128%2C2%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482516&bpp=3&bdt=129&idt=226&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&nras=1&correlator=3125074850772&frm=23&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721483&ga_hid=194955514&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1522021407517613&tmod=1452404506&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7zi2imshy3r&fsb=1&dtd=240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e79a4b169212f829483d2a496b4b0a11f4b13491551824cda83f24bdcabe0be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 27543
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A953 16 KB
12 KB 59ms
58ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231130&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35aef692e248a4cb9a2ded3a51d8555ab8bf3878ff5126794a30a9a854b167b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12213
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0EDF 115 KB
46 KB 1120ms
1120ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=800&slotname=3268206910&adk=2539099357&adf=2751417943&pi=t.ma~as.3268206910&w=400&lmt=1701721482&format=400x800&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482519&bpp=1&bdt=132&idt=274&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721483&ga_hid=194955514&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=220&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1522021407517613&tmod=1452404506&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.yn8z1b2obv7o&fsb=1&dtd=277

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bd2b0383313e59c2040f3ffabad72827f2893e19e1a0b21493308352a6176fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 47226
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 65E8
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1&google_push=AXcoOmRuqZsNERmeXrtdm_dqktLT7pCQTlYSrpBTJ9ZUe78goSJ3Sv_4ia1ebYjhs8FgB3YxF58nOTi3qUSvOCYpMpClf14lASuFO...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMyMDE4NDkyNDE5NDA3Njk4Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1

43 B
398 B

70ms
14ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=600&slotname=2968824013&adk=2865839403&adf=1828760783&pi=t.ma~as.2968824013&w=260&fwrn=4&fwrnh=100&lmt=1701721481&rafmt=1&format=260x600&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481791&bpp=2&bdt=4754&idt=2&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280%2C820x280%2C188x600%2C188x600&nras=3&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&psts=AOrYGsk8JUiJj_P0iqJLMVF-0y7C__ckmJ_cc3IOrB0_yu8LWrZ4cuZI2nBPBZtqqH9ATbkFhm4m5XFXmBZnze0m2zwApw%2CAOrYGsmlSL7I_E5jL59SyNgUKnej1nCFdNGMF0miH1BTV-V-VguVSASOjnBPvZQqPS2iyglkyjK7wtWwjvew6ohmc-7Ksqe7%2CAOrYGskq9Uo9f1KWxV-4snPG4CYXc54J4k5IrwESXrpeZZPhVYXJsQfXnyJLZpgp7mDkyR8NNdhR75Pg7GcI05NNRLoRShQa%2CAOrYGsmmYSxmq2YHQt7rZgkxgufgYoibLbyj_b-pGey1h4-2i5OhszeBHmKadaE66hN3xhL5JCZbV2rYdD5xPkJUY6SyNg%2CAOrYGskdaPK2_tYeKXYhSuhQwNu5VdFQaENZI-p1bMNtB7HD9kKRlAdNNwe6lhHmcqgQWAM2TSL1zbS0fN2Xqw69iEKDpA%2CAOrYGsmAu8Tp3-qm8VNEjmsHWXNuIG1FfLUAdbHKrERtEMXEbeEulbkl56YBs-6fH2gGtRGHECPAZBhjf4XTxZpybLcsjGaYJiuboh2mo9o%2CAOrYGsk-1AyJIDnwXIKls15FhOHNgEBC0ro3Nz8MYPLjmR7oK3AqVpy0Gbp79gDpFSlLymd5ytycHYTaS5iaJlPRhV2q5cCZBtVVhidCMc4&pvsid=28292592341068&tmod=1979323982&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=8
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 65E8 70 B
149 B 98ms
29ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMnRYDtwXd0KjOtaityal1I&google_cver=1&google_push=AXcoOmR63qBmMDPdoKLGk4XS1gE1exJLUVDlLClArLvNo8wYekbZJGonntrKcKT3N3ifAXpxOgHEVYTh_n7fzjUqFLU1mrIlGIz9RV2c8BOIp1jE3-ETFjDlhEdXrPRaBbM-YoZI-6HWUOGnb7pdq8GAm-sfMbQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=600&slotname=2968824013&adk=2865839403&adf=1828760783&pi=t.ma~as.2968824013&w=260&fwrn=4&fwrnh=100&lmt=1701721481&rafmt=1&format=260x600&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481791&bpp=2&bdt=4754&idt=2&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280%2C820x280%2C188x600%2C188x600&nras=3&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&psts=AOrYGsk8JUiJj_P0iqJLMVF-0y7C__ckmJ_cc3IOrB0_yu8LWrZ4cuZI2nBPBZtqqH9ATbkFhm4m5XFXmBZnze0m2zwApw%2CAOrYGsmlSL7I_E5jL59SyNgUKnej1nCFdNGMF0miH1BTV-V-VguVSASOjnBPvZQqPS2iyglkyjK7wtWwjvew6ohmc-7Ksqe7%2CAOrYGskq9Uo9f1KWxV-4snPG4CYXc54J4k5IrwESXrpeZZPhVYXJsQfXnyJLZpgp7mDkyR8NNdhR75Pg7GcI05NNRLoRShQa%2CAOrYGsmmYSxmq2YHQt7rZgkxgufgYoibLbyj_b-pGey1h4-2i5OhszeBHmKadaE66hN3xhL5JCZbV2rYdD5xPkJUY6SyNg%2CAOrYGskdaPK2_tYeKXYhSuhQwNu5VdFQaENZI-p1bMNtB7HD9kKRlAdNNwe6lhHmcqgQWAM2TSL1zbS0fN2Xqw69iEKDpA%2CAOrYGsmAu8Tp3-qm8VNEjmsHWXNuIG1FfLUAdbHKrERtEMXEbeEulbkl56YBs-6fH2gGtRGHECPAZBhjf4XTxZpybLcsjGaYJiuboh2mo9o%2CAOrYGsk-1AyJIDnwXIKls15FhOHNgEBC0ro3Nz8MYPLjmR7oK3AqVpy0Gbp79gDpFSlLymd5ytycHYTaS5iaJlPRhV2q5cCZBtVVhidCMc4&pvsid=28292592341068&tmod=1979323982&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 65E8
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAX6MMy7QeS-XsW3u21O-X8&google_cver=1&google_push=AXcoOmTPfCEHhaDyghoAvL3WlwElxHg6c7oba-lxCieMJust1AnNHwj5vjataHQhH63pRG01DQcPeR2ocK7eOVjj...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=iGu0j6R4QvsRt3PQgqCQbQ&google_push=AXcoOmTPfCEHhaDyghoAvL3WlwElxHg6c7oba-lxCieMJust1AnNHwj5vjataHQhH63pRG01DQcPeR2ocK7eOVjjbL9ZNtZ_yMEj-Db...

170 B
188 B

18ms
18ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=iGu0j6R4QvsRt3PQgqCQbQ&google_push=AXcoOmTPfCEHhaDyghoAvL3WlwElxHg6c7oba-lxCieMJust1AnNHwj5vjataHQhH63pRG01DQcPeR2ocK7eOVjjbL9ZNtZ_yMEj-DbLqzPzwChqtyvQhZ4EJGivQxVlu85WosPhpRFhXcRbfkFDp0C58NjXtQ

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Dec 2023 20:24:42 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=iGu0j6R4QvsRt3PQgqCQbQ&google_push=AXcoOmTPfCEHhaDyghoAvL3WlwElxHg6c7oba-lxCieMJust1AnNHwj5vjataHQhH63pRG01DQcPeR2ocK7eOVjjbL9ZNtZ_yMEj-DbLqzPzwChqtyvQhZ4EJGivQxVlu85WosPhpRFhXcRbfkFDp0C58NjXtQ
x-host: tde-deliveryengine-production-6987bbc57b-v7vhf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 65E8 43 B
146 B 256ms
7ms Image
image/gif 3.121.8.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDCe7Rr6A2xIfyhNhvpSv1Y&google_cver=1&google_push=AXcoOmS2Zh9h_gJQ1Gzwgd8eSgB3rMpSSZyS84evHoVgTpetZaGFN0rbAnKCLg_woSmBkygJpGxvDPPT9L7kLZnDKUjuO_TyytKEnnIwCuk7ARQlOQvuDy6y9rFieN9MdMvnWjL4y6tUTD3JqUA5FNNHSISXsso
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=600&slotname=2968824013&adk=2865839403&adf=1828760783&pi=t.ma~as.2968824013&w=260&fwrn=4&fwrnh=100&lmt=1701721481&rafmt=1&format=260x600&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481791&bpp=2&bdt=4754&idt=2&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280%2C820x280%2C188x600%2C188x600&nras=3&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&psts=AOrYGsk8JUiJj_P0iqJLMVF-0y7C__ckmJ_cc3IOrB0_yu8LWrZ4cuZI2nBPBZtqqH9ATbkFhm4m5XFXmBZnze0m2zwApw%2CAOrYGsmlSL7I_E5jL59SyNgUKnej1nCFdNGMF0miH1BTV-V-VguVSASOjnBPvZQqPS2iyglkyjK7wtWwjvew6ohmc-7Ksqe7%2CAOrYGskq9Uo9f1KWxV-4snPG4CYXc54J4k5IrwESXrpeZZPhVYXJsQfXnyJLZpgp7mDkyR8NNdhR75Pg7GcI05NNRLoRShQa%2CAOrYGsmmYSxmq2YHQt7rZgkxgufgYoibLbyj_b-pGey1h4-2i5OhszeBHmKadaE66hN3xhL5JCZbV2rYdD5xPkJUY6SyNg%2CAOrYGskdaPK2_tYeKXYhSuhQwNu5VdFQaENZI-p1bMNtB7HD9kKRlAdNNwe6lhHmcqgQWAM2TSL1zbS0fN2Xqw69iEKDpA%2CAOrYGsmAu8Tp3-qm8VNEjmsHWXNuIG1FfLUAdbHKrERtEMXEbeEulbkl56YBs-6fH2gGtRGHECPAZBhjf4XTxZpybLcsjGaYJiuboh2mo9o%2CAOrYGsk-1AyJIDnwXIKls15FhOHNgEBC0ro3Nz8MYPLjmR7oK3AqVpy0Gbp79gDpFSlLymd5ytycHYTaS5iaJlPRhV2q5cCZBtVVhidCMc4&pvsid=28292592341068&tmod=1979323982&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.8.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-8-101.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 65E8
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHqeDKsC6mU6JxfSJB2jrAY&google_cver=1&google_push=AXcoOmSyV38rwO_ZS4eSCfgl-vmVtC6CgVXcZONMo2g_uhZFAhzVFbu-rs9dJCkADQZnYWX12xrMULl9gQZY...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSyV38rwO_ZS4eSCfgl-vmVtC6CgVXcZONMo2g_uhZFAhzVFbu-rs9dJCkADQZnYWX12xrMULl9gQZYufOgkpWaQwCCesoTThCRe6ORRNigHETCCfPS...

170 B
188 B

20ms
18ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSyV38rwO_ZS4eSCfgl-vmVtC6CgVXcZONMo2g_uhZFAhzVFbu-rs9dJCkADQZnYWX12xrMULl9gQZYufOgkpWaQwCCesoTThCRe6ORRNigHETCCfPSJk8anayts3EWrf2QWEmOG7HQrnoEqMZ0gyijxkw

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSyV38rwO_ZS4eSCfgl-vmVtC6CgVXcZONMo2g_uhZFAhzVFbu-rs9dJCkADQZnYWX12xrMULl9gQZYufOgkpWaQwCCesoTThCRe6ORRNigHETCCfPSJk8anayts3EWrf2QWEmOG7HQrnoEqMZ0gyijxkw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 65E8
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEB-l0q3qCvGd0EbNfkdLyUw&google_cver=1&google_push=AXcoOmS6f9Vc9rNMb9sWIswRLkzswMnGkk-M_bjkJve_DzGBAuqYe8kFYQxhOoCZsU...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmS6f9Vc9rNMb9sWIswRLkzswMnGkk-M_bjkJve_DzGBAuqYe8kFYQxhOoCZsUwbQ8sJQUm_ipH3IB4e-eHt6OpY_K0lrU5TsYujtJ5ktntqzk...

170 B
188 B

18ms
18ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmS6f9Vc9rNMb9sWIswRLkzswMnGkk-M_bjkJve_DzGBAuqYe8kFYQxhOoCZsUwbQ8sJQUm_ipH3IB4e-eHt6OpY_K0lrU5TsYujtJ5ktntqzk3OJYx0347VX8RR7-UyQkTGAFjxbNChXt6dcrQ-wfHf48DD&google_hm=mvwMbPbLSDO0grAum177cMo

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmS6f9Vc9rNMb9sWIswRLkzswMnGkk-M_bjkJve_DzGBAuqYe8kFYQxhOoCZsUwbQ8sJQUm_ipH3IB4e-eHt6OpY_K0lrU5TsYujtJ5ktntqzk3OJYx0347VX8RR7-UyQkTGAFjxbNChXt6dcrQ-wfHf48DD&google_hm=mvwMbPbLSDO0grAum177cMo
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 65E8
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEG5ezbXgdRja...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSEOjX7qHWVLLbIqrKNeSd1D_PGjonKGJarYyJTI2EzT6OIYTMcsZqwq2rgE05VhQhwDGzu1L12o8smfi5SyOCaOk1LdKMWo5cE_OI2pkuOq4jlJ...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

36ms
36ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=600&slotname=2968824013&adk=2865839403&adf=1828760783&pi=t.ma~as.2968824013&w=260&fwrn=4&fwrnh=100&lmt=1701721481&rafmt=1&format=260x600&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481791&bpp=2&bdt=4754&idt=2&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280%2C820x280%2C188x600%2C188x600&nras=3&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&psts=AOrYGsk8JUiJj_P0iqJLMVF-0y7C__ckmJ_cc3IOrB0_yu8LWrZ4cuZI2nBPBZtqqH9ATbkFhm4m5XFXmBZnze0m2zwApw%2CAOrYGsmlSL7I_E5jL59SyNgUKnej1nCFdNGMF0miH1BTV-V-VguVSASOjnBPvZQqPS2iyglkyjK7wtWwjvew6ohmc-7Ksqe7%2CAOrYGskq9Uo9f1KWxV-4snPG4CYXc54J4k5IrwESXrpeZZPhVYXJsQfXnyJLZpgp7mDkyR8NNdhR75Pg7GcI05NNRLoRShQa%2CAOrYGsmmYSxmq2YHQt7rZgkxgufgYoibLbyj_b-pGey1h4-2i5OhszeBHmKadaE66hN3xhL5JCZbV2rYdD5xPkJUY6SyNg%2CAOrYGskdaPK2_tYeKXYhSuhQwNu5VdFQaENZI-p1bMNtB7HD9kKRlAdNNwe6lhHmcqgQWAM2TSL1zbS0fN2Xqw69iEKDpA%2CAOrYGsmAu8Tp3-qm8VNEjmsHWXNuIG1FfLUAdbHKrERtEMXEbeEulbkl56YBs-6fH2gGtRGHECPAZBhjf4XTxZpybLcsjGaYJiuboh2mo9o%2CAOrYGsk-1AyJIDnwXIKls15FhOHNgEBC0ro3Nz8MYPLjmR7oK3AqVpy0Gbp79gDpFSlLymd5ytycHYTaS5iaJlPRhV2q5cCZBtVVhidCMc4&pvsid=28292592341068&tmod=1979323982&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=8
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 20:24:42 GMT
pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 65E8 0
12 B 15ms
15ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KbZGv0_oJjCWZLo7wZ8kXMdRg202e_PHXkod6WLFrR655rqBUJ6czrxULtxSFd49Wqve-_fJ0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 35C9 33 KB
33 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 429771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:01:51 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8464527532860307799/ Frame D88F 153 KB
23 KB 23ms
8ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8464527532860307799/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59b036fb5e133a03feca939ab701a5eae28842f15573265dc8da1bfd5d100e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 541939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23802
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 13:52:23 GMT
expires: Wed, 27 Nov 2024 13:52:23 GMT
last-modified: Wed, 09 Feb 2022 10:28:50 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7DAA 0
0 89ms
51ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuPjZ9HhcSqBgsz_qe_5JgRTS511W-XVkSaI9xvEuRSG0DRkDTwIsJ6mXbs-dKRALvnmPG2rOiWEXElk3hFZIsrW0s7cfETuNC5Giqs_hoHLzRYFq9Gz9_iSgO8eWF1Us4Jp6r3KEwgBer-qi5KLrYL6H3FW4MIoz0YmTWJo1xRE1L2r0jUpk5q95aqrzOCKs_0v0weEVbblmUTQgdgq3FFK58ARQYjpR0Uo0_us3vBTI8aVT3hl_WJ-qTS3cgXC7NhYDFM_kLyOw8TG2UsVBcB9--UYjJxWQdaGahs-dmmniINrdpPeV-nl8o4BlZsDZ3-DMReHZaVWTQ-3tdQuLnR4jQkv7St-rYjcNnYwnsVcvNWtkWDHyOKqIo4BV9K0vgbXh2i63FMAV6DTDY7MUkZeHBggCk9LWd2rFT-Cl6tPas16tfNWih1JpMLPqBUtEmUb1imV6M5ReDCZD4y-bTa8OrO3AN9BYh3PwP7EoK1-dd-Eu4okfhjO2xmduwF68gfjRpeejdOsUnzZHmY2TSn1VKnOQtWh4Q-HVKz4RIWGh6r81U5ppTgur8ebo05qysEcnxRYfvTcOVaV986YTwwP4Tla14ytJ-095i_oDaZN1CV-D0om8_LNxUGMEqy-11mCJegQNU_C5hgfdrpDxWMXy_e48d8UW8WEL1dnfrNwgauDCGQYCjrgHqkr5QpNH9Uw752Cs1WqFAbzinIYzAhMpTz-EpIxux3_Z8uk144zXeQWCvkoRPTppyx9By774gMJ5BD9IEEZknYL0t8rUm0oID0A-frRO_UGWDHPTH96xSEDRNFF9Y1iXhqVp4fryGZQdfgWyzvj8eiXi6XxrMZtm3V0qgK8pstqhsAsQKolkKq9lJ4Mug1eeqGhQrVV-BbrFAgIa6Ed_oOu0Yv8qFnNfR48HpT0tw5ApIH8zulmBTMQA_f2kxjJSECqjeAjOL-Qtx3lXkbZRM1okbg8hZDD2Lyx2m5bN_aVl_NVjHYSd3s3KMOA6T-NsADGjRZGYJOBffAXcvbrDMQjqZNPpBFd78K6UuptJbG4AN2gglidxankzBQlrs6RH_S0beiVgt4Dzmzyubwzqw36YJe9rBo82EoYgNgbW0IB_-x_GcYsI9u2i0sGNI26tzQvqBor1Hwk6SoFc3jbptxIi6yyrJFvoBDlOhSCEiucFeEXP3HG7fJzNnqgHMu_NTU2P3i6AqRh40hzilvdnP7QN-9RLW2TLu-PANhGUaVlmkbo4plbJDjY27SfP4HAWogsUNoeiF3Isq-GsfT_jCh_G2--1J8SWCA6dps3BiNnxZNkdfNlCz7m4k1L7ZRks1KNrtZipGshZCALLDjfC8AlVL4rWOvEa0kq1NXChtIayhs-jTBmHytAMPEdin1UFJqtHajcrBPn6iWv5A9vttaP7icbCiA9QDxCzHqNEXMjo0fnILoec0lg0vFUAFiOrGukKOEOnYLupVadIkQCg&sai=AMfl-YQWrR4W7wmo_wEikdSCafC7qGGv_AK0GKF2hrF1qkSpA619x_DKGt_BsPRZEcm0K00HEaOz3spVxj39GMyiRRsyGYvUGAu64WJGK4o_4m4J9LGlyrN1ceQeiAGSaW1ZpE8klrzLlxGVAw6rE8OLpgLViHgotoR4S46KTxFx7bBOWut2quHgMPCjNu4DZS_woNLpN701zEEeUu7k8ayl6zIvqLMD97ER8oyX5stEcy2b4zST0RONQoMtYkjBLGe2uTf5VIfKCWjrzmHMeFCsSc7VzcVu&sig=Cg0ArKJSzIgdPI62UEl1EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=166&cbvp=1&cstd=163&cisv=r20231129.37437&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 20:24:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A953 17 KB
6 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 20:24:42 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 35C9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CQItXijVuZZe2AaXZ5LcP8eS4gA7z5beYdJi9-tCiEt3QveDkCRABIM7OhmhglaqUgqAHoAGkn5DXA8gBCakCX2hh8Nc0sj6oAwHIA8sEqgThAk_Q29MqDbce46pBQ-FR5WKHw27N1RLEcd5...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210741784694547097349%22,%22debug_reporting%22:true,%22destination%22:%22https://vichy.de%22,%22event_report_window%22:%222...

0
0

42ms
42ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210741784694547097349%22,%22debug_reporting%22:true,%22destination%22:%22https://vichy.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988024740%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223470767636483419809%22}&andc=true

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:43 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10741784694547097349","debug_reporting":true,"destination":"https://vichy.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988024740"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"3470767636483419809"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Dec 2023 20:24:43 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 20:24:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10741784694547097349","debug_reporting":true,"destination":"https://vichy.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988024740"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"3470767636483419809"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 22A1 38 KB
13 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 12:06:25 GMT
expires: Tue, 03 Dec 2024 12:06:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FE4 51 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:35:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 13:35:31 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 7DAA
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/987057/61527764/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-3619133031508264&ias_chanId=1&ias_placementId=20343401207&bidurl=https://newsmoi24h.com/tr...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ijVuZemyJJSyx_APkdGpsAc&cbFunctionName=goog_wrapCb_ijVuZemyJJSyx_APkdGpsAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

10ms
9ms

Script
application/javascript

2600:9000:2127:4e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ijVuZemyJJSyx_APkdGpsAc&cbFunctionName=goog_wrapCb_ijVuZemyJJSyx_APkdGpsAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=600&slotname=2968824013&adk=2865839403&adf=1828760783&pi=t.ma~as.2968824013&w=260&fwrn=4&fwrnh=100&lmt=1701721481&rafmt=1&format=260x600&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481791&bpp=2&bdt=4754&idt=2&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280%2C820x280%2C188x600%2C188x600&nras=3&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&psts=AOrYGsk8JUiJj_P0iqJLMVF-0y7C__ckmJ_cc3IOrB0_yu8LWrZ4cuZI2nBPBZtqqH9ATbkFhm4m5XFXmBZnze0m2zwApw%2CAOrYGsmlSL7I_E5jL59SyNgUKnej1nCFdNGMF0miH1BTV-V-VguVSASOjnBPvZQqPS2iyglkyjK7wtWwjvew6ohmc-7Ksqe7%2CAOrYGskq9Uo9f1KWxV-4snPG4CYXc54J4k5IrwESXrpeZZPhVYXJsQfXnyJLZpgp7mDkyR8NNdhR75Pg7GcI05NNRLoRShQa%2CAOrYGsmmYSxmq2YHQt7rZgkxgufgYoibLbyj_b-pGey1h4-2i5OhszeBHmKadaE66hN3xhL5JCZbV2rYdD5xPkJUY6SyNg%2CAOrYGskdaPK2_tYeKXYhSuhQwNu5VdFQaENZI-p1bMNtB7HD9kKRlAdNNwe6lhHmcqgQWAM2TSL1zbS0fN2Xqw69iEKDpA%2CAOrYGsmAu8Tp3-qm8VNEjmsHWXNuIG1FfLUAdbHKrERtEMXEbeEulbkl56YBs-6fH2gGtRGHECPAZBhjf4XTxZpybLcsjGaYJiuboh2mo9o%2CAOrYGsk-1AyJIDnwXIKls15FhOHNgEBC0ro3Nz8MYPLjmR7oK3AqVpy0Gbp79gDpFSlLymd5ytycHYTaS5iaJlPRhV2q5cCZBtVVhidCMc4&pvsid=28292592341068&tmod=1979323982&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=8
Protocol: H2
Server: 2600:9000:2127:4e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:54:05 GMT
x-amz-version-id: 4Cmv1jyFRAmZ7XChlLsmb9GJS5ztjryA
content-encoding: gzip
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1838
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 04 Dec 2023 19:54:03 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 7ES_f1hop5GgZp28MeO2shUvvrrsG8zIy3G2nCVd5TCIhmEWrH8J1A==

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:42 GMT
server: nginx
x-server-name: app19.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ijVuZemyJJSyx_APkdGpsAc&cbFunctionName=goog_wrapCb_ijVuZemyJJSyx_APkdGpsAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame FD23 91 KB
23 KB 48ms
9ms Script
application/javascript 2600:9000:2127:4e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=600&slotname=2968824013&adk=2865839403&adf=1828760783&pi=t.ma~as.2968824013&w=260&fwrn=4&fwrnh=100&lmt=1701721481&rafmt=1&format=260x600&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481791&bpp=2&bdt=4754&idt=2&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280%2C820x280%2C188x600%2C188x600&nras=3&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&psts=AOrYGsk8JUiJj_P0iqJLMVF-0y7C__ckmJ_cc3IOrB0_yu8LWrZ4cuZI2nBPBZtqqH9ATbkFhm4m5XFXmBZnze0m2zwApw%2CAOrYGsmlSL7I_E5jL59SyNgUKnej1nCFdNGMF0miH1BTV-V-VguVSASOjnBPvZQqPS2iyglkyjK7wtWwjvew6ohmc-7Ksqe7%2CAOrYGskq9Uo9f1KWxV-4snPG4CYXc54J4k5IrwESXrpeZZPhVYXJsQfXnyJLZpgp7mDkyR8NNdhR75Pg7GcI05NNRLoRShQa%2CAOrYGsmmYSxmq2YHQt7rZgkxgufgYoibLbyj_b-pGey1h4-2i5OhszeBHmKadaE66hN3xhL5JCZbV2rYdD5xPkJUY6SyNg%2CAOrYGskdaPK2_tYeKXYhSuhQwNu5VdFQaENZI-p1bMNtB7HD9kKRlAdNNwe6lhHmcqgQWAM2TSL1zbS0fN2Xqw69iEKDpA%2CAOrYGsmAu8Tp3-qm8VNEjmsHWXNuIG1FfLUAdbHKrERtEMXEbeEulbkl56YBs-6fH2gGtRGHECPAZBhjf4XTxZpybLcsjGaYJiuboh2mo9o%2CAOrYGsk-1AyJIDnwXIKls15FhOHNgEBC0ro3Nz8MYPLjmR7oK3AqVpy0Gbp79gDpFSlLymd5ytycHYTaS5iaJlPRhV2q5cCZBtVVhidCMc4&pvsid=28292592341068&tmod=1979323982&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:4e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 6466532
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: EHYUtKXJtshvztKWFKVkJjwk61WAbkJRNrfRuGsVRbSJmb_NpZhovQ==

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame D88F 29 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8464527532860307799/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8464527532860307799/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 15:16:12 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7DAA 43 B
215 B 287ms
92ms Image
image/gif 2600:1f18:1aca:4281:7849:7d0b:9ce0:4ee
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=b3518ec6-22ce-28b2-289e-cb60e8df08c1&tv=%7Bc:vRIyzW,pingTime:-3,time:83,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:35%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:83,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:35,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B75~0%5D,as:%5B75~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXvjV1v+11%7C12%7C131%7C141%7C142%7C15%7C161%7C171%7C181%7C191%7C1a1%7C1a21%7C1a22%7C1a3%7C1b1*.987057-61527764%7C1b11%7C1b12%7C1b13%7C1b14%7C1c1%7C1c2%7C1c31%7C1c4%7C1d1%7C1d2,idMap:1b1*,rmeas:1,rend:0,renddet:DIV,siq:37%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=600&slotname=2968824013&adk=2865839403&adf=1828760783&pi=t.ma~as.2968824013&w=260&fwrn=4&fwrnh=100&lmt=1701721481&rafmt=1&format=260x600&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481791&bpp=2&bdt=4754&idt=2&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280%2C820x280%2C188x600%2C188x600&nras=3&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&psts=AOrYGsk8JUiJj_P0iqJLMVF-0y7C__ckmJ_cc3IOrB0_yu8LWrZ4cuZI2nBPBZtqqH9ATbkFhm4m5XFXmBZnze0m2zwApw%2CAOrYGsmlSL7I_E5jL59SyNgUKnej1nCFdNGMF0miH1BTV-V-VguVSASOjnBPvZQqPS2iyglkyjK7wtWwjvew6ohmc-7Ksqe7%2CAOrYGskq9Uo9f1KWxV-4snPG4CYXc54J4k5IrwESXrpeZZPhVYXJsQfXnyJLZpgp7mDkyR8NNdhR75Pg7GcI05NNRLoRShQa%2CAOrYGsmmYSxmq2YHQt7rZgkxgufgYoibLbyj_b-pGey1h4-2i5OhszeBHmKadaE66hN3xhL5JCZbV2rYdD5xPkJUY6SyNg%2CAOrYGskdaPK2_tYeKXYhSuhQwNu5VdFQaENZI-p1bMNtB7HD9kKRlAdNNwe6lhHmcqgQWAM2TSL1zbS0fN2Xqw69iEKDpA%2CAOrYGsmAu8Tp3-qm8VNEjmsHWXNuIG1FfLUAdbHKrERtEMXEbeEulbkl56YBs-6fH2gGtRGHECPAZBhjf4XTxZpybLcsjGaYJiuboh2mo9o%2CAOrYGsk-1AyJIDnwXIKls15FhOHNgEBC0ro3Nz8MYPLjmR7oK3AqVpy0Gbp79gDpFSlLymd5ytycHYTaS5iaJlPRhV2q5cCZBtVVhidCMc4&pvsid=28292592341068&tmod=1979323982&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:7849:7d0b:9ce0:4ee Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:43 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
41ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 20:24:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7DAA 43 B
216 B 283ms
91ms Image
image/gif 2600:1f18:1aca:4281:7849:7d0b:9ce0:4ee
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=b3518ec6-22ce-28b2-289e-cb60e8df08c1&tv=%7Bc:vRIyzX,pingTime:-6,time:84,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:84,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:35,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXvjV1v+11%7C12%7C131%7C141%7C142%7C15%7C161%7C171%7C181%7C191%7C1a1%7C1a21%7C1a22%7C1a3%7C1b1*.987057-61527764%7C1b11%7C1b12%7C1b13%7C1b14%7C1c1%7C1c2%7C1c31%7C1c4%7C1d1%7C1d2,idMap:1b1*,rmeas:1,rend:0,renddet:DIV,siq:37%7D&tpiLookup=ao:newsmoi24h.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=600&slotname=2968824013&adk=2865839403&adf=1828760783&pi=t.ma~as.2968824013&w=260&fwrn=4&fwrnh=100&lmt=1701721481&rafmt=1&format=260x600&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481791&bpp=2&bdt=4754&idt=2&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280%2C820x280%2C188x600%2C188x600&nras=3&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&psts=AOrYGsk8JUiJj_P0iqJLMVF-0y7C__ckmJ_cc3IOrB0_yu8LWrZ4cuZI2nBPBZtqqH9ATbkFhm4m5XFXmBZnze0m2zwApw%2CAOrYGsmlSL7I_E5jL59SyNgUKnej1nCFdNGMF0miH1BTV-V-VguVSASOjnBPvZQqPS2iyglkyjK7wtWwjvew6ohmc-7Ksqe7%2CAOrYGskq9Uo9f1KWxV-4snPG4CYXc54J4k5IrwESXrpeZZPhVYXJsQfXnyJLZpgp7mDkyR8NNdhR75Pg7GcI05NNRLoRShQa%2CAOrYGsmmYSxmq2YHQt7rZgkxgufgYoibLbyj_b-pGey1h4-2i5OhszeBHmKadaE66hN3xhL5JCZbV2rYdD5xPkJUY6SyNg%2CAOrYGskdaPK2_tYeKXYhSuhQwNu5VdFQaENZI-p1bMNtB7HD9kKRlAdNNwe6lhHmcqgQWAM2TSL1zbS0fN2Xqw69iEKDpA%2CAOrYGsmAu8Tp3-qm8VNEjmsHWXNuIG1FfLUAdbHKrERtEMXEbeEulbkl56YBs-6fH2gGtRGHECPAZBhjf4XTxZpybLcsjGaYJiuboh2mo9o%2CAOrYGsk-1AyJIDnwXIKls15FhOHNgEBC0ro3Nz8MYPLjmR7oK3AqVpy0Gbp79gDpFSlLymd5ytycHYTaS5iaJlPRhV2q5cCZBtVVhidCMc4&pvsid=28292592341068&tmod=1979323982&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:7849:7d0b:9ce0:4ee Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:43 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7DAA 43 B
215 B 267ms
92ms Image
image/gif 2600:1f18:1aca:4281:7849:7d0b:9ce0:4ee
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=b3518ec6-22ce-28b2-289e-cb60e8df08c1&tv=%7Bc:vRIyAg,pingTime:-2,time:103,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:460,beZ:461,mfA:464,cmA:465,inA:466,inZ:470,prA:471,prZ:490,si:496,poA:497,poZ:518,cmZ:518,mfZ:518,loA:544,loZ:547,ltA:563,ltZ:563%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:35%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:103,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:35,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B95~0%5D,as:%5B95~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXvjV1v+11%7C12%7C131%7C141%7C142%7C15%7C161%7C171%7C181%7C191%7C1a1%7C1a21%7C1a22%7C1a3%7C1b1*.987057-61527764%7C1b11%7C1b12%7C1b13%7C1b14%7C1c1%7C1c2%7C1c31%7C1c4%7C1d1%7C1d2,idMap:1b1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:37,sinceFw:65,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=600&slotname=2968824013&adk=2865839403&adf=1828760783&pi=t.ma~as.2968824013&w=260&fwrn=4&fwrnh=100&lmt=1701721481&rafmt=1&format=260x600&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721481791&bpp=2&bdt=4754&idt=2&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0%2C1200x280%2C820x280%2C820x280%2C820x280%2C820x280%2C188x600%2C188x600&nras=3&correlator=3125074850772&frm=20&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721478&ga_hid=484071371&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079826%2C44807753%2C44807763%2C44808148%2C44808285%2C44809071%2C21065724&oid=2&psts=AOrYGsk8JUiJj_P0iqJLMVF-0y7C__ckmJ_cc3IOrB0_yu8LWrZ4cuZI2nBPBZtqqH9ATbkFhm4m5XFXmBZnze0m2zwApw%2CAOrYGsmlSL7I_E5jL59SyNgUKnej1nCFdNGMF0miH1BTV-V-VguVSASOjnBPvZQqPS2iyglkyjK7wtWwjvew6ohmc-7Ksqe7%2CAOrYGskq9Uo9f1KWxV-4snPG4CYXc54J4k5IrwESXrpeZZPhVYXJsQfXnyJLZpgp7mDkyR8NNdhR75Pg7GcI05NNRLoRShQa%2CAOrYGsmmYSxmq2YHQt7rZgkxgufgYoibLbyj_b-pGey1h4-2i5OhszeBHmKadaE66hN3xhL5JCZbV2rYdD5xPkJUY6SyNg%2CAOrYGskdaPK2_tYeKXYhSuhQwNu5VdFQaENZI-p1bMNtB7HD9kKRlAdNNwe6lhHmcqgQWAM2TSL1zbS0fN2Xqw69iEKDpA%2CAOrYGsmAu8Tp3-qm8VNEjmsHWXNuIG1FfLUAdbHKrERtEMXEbeEulbkl56YBs-6fH2gGtRGHECPAZBhjf4XTxZpybLcsjGaYJiuboh2mo9o%2CAOrYGsk-1AyJIDnwXIKls15FhOHNgEBC0ro3Nz8MYPLjmR7oK3AqVpy0Gbp79gDpFSlLymd5ytycHYTaS5iaJlPRhV2q5cCZBtVVhidCMc4&pvsid=28292592341068&tmod=1979323982&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:7849:7d0b:9ce0:4ee Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:43 GMT
server: nginx
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1B83 0
11 B 7ms
6ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?f6xovg
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E00E 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 14:59:11 GMT
expires: Tue, 03 Dec 2024 14:59:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4ADC 829 B
559 B 19ms
18ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

99ba176e70f96585027ce94e6252af09477cd844c26edc0e7a27dd2dc17e21a0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Rbes5axYc9OdWHRD5glhBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Rbes5axYc9OdWHRD5glhBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:43 GMT
expires: Mon, 04 Dec 2023 20:24:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 22A1 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:45:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 17:45:17 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7DAA 0
0 46ms
45ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuPjZ9HhcSqBgsz_qe_5JgRTS511W-XVkSaI9xvEuRSG0DRkDTwIsJ6mXbs-dKRALvnmPG2rOiWEXElk3hFZIsrW0s7cfETuNC5Giqs_hoHLzRYFq9Gz9_iSgO8eWF1Us4Jp6r3KEwgBer-qi5KLrYL6H3FW4MIoz0YmTWJo1xRE1L2r0jUpk5q95aqrzOCKs_0v0weEVbblmUTQgdgq3FFK58ARQYjpR0Uo0_us3vBTI8aVT3hl_WJ-qTS3cgXC7NhYDFM_kLyOw8TG2UsVBcB9--UYjJxWQdaGahs-dmmniINrdpPeV-nl8o4BlZsDZ3-DMReHZaVWTQ-3tdQuLnR4jQkv7St-rYjcNnYwnsVcvNWtkWDHyOKqIo4BV9K0vgbXh2i63FMAV6DTDY7MUkZeHBggCk9LWd2rFT-Cl6tPas16tfNWih1JpMLPqBUtEmUb1imV6M5ReDCZD4y-bTa8OrO3AN9BYh3PwP7EoK1-dd-Eu4okfhjO2xmduwF68gfjRpeejdOsUnzZHmY2TSn1VKnOQtWh4Q-HVKz4RIWGh6r81U5ppTgur8ebo05qysEcnxRYfvTcOVaV986YTwwP4Tla14ytJ-095i_oDaZN1CV-D0om8_LNxUGMEqy-11mCJegQNU_C5hgfdrpDxWMXy_e48d8UW8WEL1dnfrNwgauDCGQYCjrgHqkr5QpNH9Uw752Cs1WqFAbzinIYzAhMpTz-EpIxux3_Z8uk144zXeQWCvkoRPTppyx9By774gMJ5BD9IEEZknYL0t8rUm0oID0A-frRO_UGWDHPTH96xSEDRNFF9Y1iXhqVp4fryGZQdfgWyzvj8eiXi6XxrMZtm3V0qgK8pstqhsAsQKolkKq9lJ4Mug1eeqGhQrVV-BbrFAgIa6Ed_oOu0Yv8qFnNfR48HpT0tw5ApIH8zulmBTMQA_f2kxjJSECqjeAjOL-Qtx3lXkbZRM1okbg8hZDD2Lyx2m5bN_aVl_NVjHYSd3s3KMOA6T-NsADGjRZGYJOBffAXcvbrDMQjqZNPpBFd78K6UuptJbG4AN2gglidxankzBQlrs6RH_S0beiVgt4Dzmzyubwzqw36YJe9rBo82EoYgNgbW0IB_-x_GcYsI9u2i0sGNI26tzQvqBor1Hwk6SoFc3jbptxIi6yyrJFvoBDlOhSCEiucFeEXP3HG7fJzNnqgHMu_NTU2P3i6AqRh40hzilvdnP7QN-9RLW2TLu-PANhGUaVlmkbo4plbJDjY27SfP4HAWogsUNoeiF3Isq-GsfT_jCh_G2--1J8SWCA6dps3BiNnxZNkdfNlCz7m4k1L7ZRks1KNrtZipGshZCALLDjfC8AlVL4rWOvEa0kq1NXChtIayhs-jTBmHytAMPEdin1UFJqtHajcrBPn6iWv5A9vttaP7icbCiA9QDxCzHqNEXMjo0fnILoec0lg0vFUAFiOrGukKOEOnYLupVadIkQCg&sai=AMfl-YQWrR4W7wmo_wEikdSCafC7qGGv_AK0GKF2hrF1qkSpA619x_DKGt_BsPRZEcm0K00HEaOz3spVxj39GMyiRRsyGYvUGAu64WJGK4o_4m4J9LGlyrN1ceQeiAGSaW1ZpE8klrzLlxGVAw6rE8OLpgLViHgotoR4S46KTxFx7bBOWut2quHgMPCjNu4DZS_woNLpN701zEEeUu7k8ayl6zIvqLMD97ER8oyX5stEcy2b4zST0RONQoMtYkjBLGe2uTf5VIfKCWjrzmHMeFCsSc7VzcVu&sig=Cg0ArKJSzIgdPI62UEl1EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=398&vt=11&dtpt=232&dett=3&cstd=163&cisv=r20231129.37437&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7904 0
22 B 42ms
41ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C31079605%2C31079865%2C42532523%2C44807406%2C44807764%2C44808148%2C44808285%2C44809072&hl=vi&pvc=1143667814548548

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame D88F 6 KB
2 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8464527532860307799/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Dec 2023 20:37:27 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame D88F 2 KB
1 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8464527532860307799/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Dec 2023 20:37:05 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame D88F 3 KB
1 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8464527532860307799/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 697
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Dec 2023 20:28:06 GMT

GET
H3 200 head2_5line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame D88F 12 KB
3 KB 11ms
11ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_5line_family.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ae81817c90052995774cacf096b367d746225338fcbbdf50031aec87f6165ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8464527532860307799/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3267
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 08:15:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Dec 2023 20:33:50 GMT

GET
H3 200 head1_3line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame D88F 7 KB
2 KB 11ms
11ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_3line_family.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec24c22b9203d16dbd13f6f6898ec8b39c5b2fb7f6ef5571b9f2481bbdb862f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8464527532860307799/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2235
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 08:15:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Dec 2023 20:35:38 GMT

GET
H3 200 160x600_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame D88F 38 KB
38 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/160x600_kv_family.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89f34b3bc1c9a0181dffc795420e5e13874189f4f65c42f1523c882db1516c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8464527532860307799/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:14:04 GMT
x-content-type-options: nosniff
age: 639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38489
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 08:15:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Dec 2023 20:29:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4ADC 0
0 41ms
41ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231130&jk=1522021407517613&rc=
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E00E 39 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:45:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 17:45:17 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E00E 0
12 B 7ms
6ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HcU7KQ
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 22A1 0
22 B 44ms
43ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BgN33ijVuZemyJJSyx_APkdGpsAcAAAAAOAHgBAI&bg=!9vWl9brNAAY3kmNgF5I7ADQBe5WfOHMtDBRqvMM5m6Vg-d0x22W0p_suiBwXCwH229k9rmOxtentncEvJPfyv6H_RbniAgAAAIxSAAAAA2gBBwoAVI2AImb0m_16K1Aot73d9Jv8ahx9aFpBGO5QF66xhygfedcLR5a9sMoLpbRciTtt9zgKM61EolyMx85IAUAuPwTiKzWAyuTaEUbiugPP5-Gon2QSy5kDD1rNZgfivkEDUYWuyhTHJh1aAnS2gFRtnjbZ_LpYNOCMsiwcsd0CIMSAOp5y8ay2FK2UEQDIedLswzEjArUX5dgn-vPaplChElv0Bjs0jNrmWevgjJsQLGEx11UvK11fysPwu2JlCDReHoweVJP_ecnHYQMbWQanDrAzNjBPW87Apt0JR7g4ggyAfCGvp8HYjK_82H_vc3791MreASCPdVAcxoCzRjfWE0NkNg0_Ol0dsOn0nktcZ6vBwRrV9Ehw5ifpfwuiMIRm5qlrEeIKABnpddU7SwHmCqWrdPh3MiUeT-P07LkLJXROte6hko3KlU9xc3UPM-ims6tuPLcrtP5YIx3XUcEkm7TIG7HFTEA3TunfmJ0gpmgkb3E18qk_UlvvTKBoi3UnUiGa6Y-es0AC9kcX-O3g-A6NInN7cI-H_BA_R8sJoYtZ3efybMac7NOW_fKqm-QA207-d-I0cE5Shi05l7Q6acYMVD0jwlvxCWmexJHKXSbe14OAWeioW0jaoSSACr2f6pbWCF9NztNDDVwaNofNv54VRkFD5L8-kJty7h7VEjmV4LuIb_TlNTFCIwU8fTmrocRDBt1irF1OjxsbA-sYnu2gXUoD2IEDXHC-nrMzNjySuf9Wc55hb0hvTsVUbS0LRJ3E7GIlPUZtRFxypdH6Du7J28B0jHNuCezO-KXwd7QThdwQW4QAObBO4oEOyljuZLZluCZciaEBLA5NyESIp_pjFW5MXh38-l3R5EIp9UHyd1OlSIV5A5gdrrhnq-r922eQLpHYXIPDopQLQS6HXlvvsbrl2E8AEuXlo_pqUEWp-ADlqQys02FKZVb6vdd0O7cQAO69lSRSiP0YyrG_0PFMvtvuXAShRGI7nFP5PoWXIYqH5E-1gQCoL5h4qN2H1s6R6iIc3pWqVpSPKETKnCqZHb5ZEJvieBbTMvStTsYnqyDi3f6v1K2IcPh6Cj20U6i70DQAVWEQfCtC7WGEX9KBD526ZJhYFSE5-1a5pAwSK91tL-u80_oXAUwK-7ZHNAFVR8IFEw

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7DAA 43 B
215 B 92ms
92ms Image
image/gif 2600:1f18:1aca:4281:7849:7d0b:9ce0:4ee
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=b3518ec6-22ce-28b2-289e-cb60e8df08c1&tv=%7Bc:vRIyGJ,pingTime:-10,time:504,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701721483377%7C%7C3db5c1480c531007677f3f4cedafa13b%7C%7C9d9fcb00733e98b40e93b73c4ea99695%7C%7C3b1d666961ffb29e1342c6c26d07da2e%7C%7C34bcd719277f95a1dbc71b5733a2e93b%7C%7Ce72653ee17db43404c6666f86d60150e%7C%7C3bb1b3ad36a11f6904d199cbcc60deee%7C%7C4a4528b6cf88af51c79948974773d878%7C%7C1663701684%7D
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:7849:7d0b:9ce0:4ee Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:43 GMT
server: nginx
x-server-name: dt28.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A953 0
22 B 41ms
41ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759875%2C44759926%2C44807764%2C44808148%2C44808285%2C44809072&hl=vi&pvc=1522021407517613

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7904 0
0 43ms
43ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231130&jk=1143667814548548&bg=!6Oul66TNAAY3kmNgF5I7ADQBe5WfOPm2oPJ5rbZUjtIj8UKAF4paL_a-0SYesddSjhAbDlLQ7bgrV7BpoVPGsrbBeyqhAgAAATlSAAAABWgBB5kCwpXGXMfPze4nFJm_wnQ1d7Zmux9d3b6_YLkNi7LjTxB01qTF46VdapQNqwAoCktAxEaVposGLTMvi7l_vySAgmap8VM9vScGYVMdiSeJfQhyrodLEHVNukUsntzB3LLcRhyw5UyStsor0HA4o-fCMuic4yyBBHInmZw4Bygt8IFDpFrWpDKzXM83b7QbCSnQX7eKbszqlHPAuLEEAHwsVkIemKe0VwbBQZCFoBt7-SP1fmnvwUl_jaYWvI-tUqyDb8tAvSkRs00Ht9iPag6Z9vxlcoA8RjNp7RNmRwCTTLV8pbMwD0htYlzJlK-GU4vSLv6zW-Hc66dnVtG_y3nXuTmQqurwOBgeZLufckqr_Zg0YdoCwlLd5lgRuiHdVLqGb_HGZoK19uXGnf2XWVfsKeYnt_Ifrkx0FiwbpYyaPkNdWI6JMkpi0O-zq3v-v2clg4lWqXuITBT1swNiRQPiuAnGdzLAz9WqvstqU2bwZChrGyhPV8Cqbwga2WQZfcp91V-jBAU0y_wCvkJWtVo5LHohUU4rl9WpBl_3DdlVQa46KayPhGjIt0YFbjRLkNcd4kFJaadtB8LF-sStvYv5-1G_Bp05Q8HAK967Smrnmn7cqCTx1et8OFrUAso-gyv6i7QLmgAIgcV9f4sEauSsw9LJtyA0nFcUonu99u8Q_BWeyS5fph5qS7l9uklTBUV2zN12NFNMz77ucsn_8VGC9ZuAPYY3uXUwknO_8ZdSGY0I6sKOKHuZYwR7ryKt_u6fQdf36Kv9rbKYDyPPdtlMdzCS7iJjxqClJWHv3j9R_kLb-BrSfxoUqKLJkrLkpzhAEDtBf120-rw_6Iv9gWovwzg6UyI6hxgc9Q94I3G4b1bXgkyCEmk04AElVzoEzrcDGHO7hHlOVDr41VjIFL2DvT6uZGbMk4Spo_bKKb7blUrzYZI
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A953 0
0 44ms
44ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231130&jk=1522021407517613&bg=!REelRwjNAAY3kmNgF5I7ADQBe5WfOL77y5DvVAoG7wus8m-rnGZhDPOvSfiOoajwraQnLMZt9TkvvFL2eEYsaypEww2LAgAAAG1SAAAABGgBB5kC1isryZIsbCqgX2u3WfCkOHYig7eJX56dA6uc792sSYGwZEB3YEOORowpGPuknVSGJTjeoUANtqvKrfEqJQjCY6sQmQ7DJpy9id8ngjeo0fKG_iBO2vxG-WPwLyeZHHx8WMNO2Xtrh0yniMt1Qew3IDo-iQGYiXNv2ryv9XkGFDLbFlqkFdyRzNMRhCOeePaIflQOnHlpMTShyrNpbWnSmj7iMS8HqISYb6YMM-MCHS20bfXV2-tRluss8Vu4jwJKnwvnO7TVustgkVgqFT5GDms9pzO_RJPfh8pQvnDqeQ15X1D-_HZhfXTJPKA8nYhnh-QA_2kA2mDAE0qjtUF2g5_XifwmWJoHvKM6I1TP2YneJfeOeUeJc3bEZ0wXxLh8TfTWOguWLJgrj2dlnXLDw2U6LR7sD3kevtjT95q3i7GhRNVHCTT_5Q3nUFEtx_n2O9zx9Z9mfh6rvrEucZhuiF6BSylZTjlA6fi63etk1wF7S6K6l2vBN9Zdb__vu_07Pt10BL7Syms1dKHIbXdg7YSQ04r01ohOJBBq9OVrHLBp2HPH87tYv2NbMKfdAGhWKJ60xvIlTdyhIL1SX01VPRLcLoUP9RFFWF51TNLklkjBIk-9gCwRUwmitBtelzBt4-GOk4aMmt2wvyeVoDkMFne00x6bc-1RKRlU9jsxOTud2jvrFoZ_PnO_Jn7rLhw1EDkMwDwca0Fdl3VXfendH3YTc-_QCEGGU3Vol6I-eZVQ9URci2T8fBs0yVOnUos2UFEZ5CEjkd_c3nX4-AZqLA4gMrY1CoLzfSnsvrVh2iZUEhFLLkLovtaTrElqQn45OAF2NBVkHCgkASynDasGgihllISlzsxj5sZrMkevLyIc1hwK7XSYEYRMR-e9GBdHlVIbW1ZGeJgRQkRAVP6O6eFHGAXPzgrmLCeu-kB0SkmGX6cgpRFYmoFtMcZKybH-W-eJMTu5OQ
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7DAA 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstv9ESoXmsJee-LCDP44n0YVaSOPIpBhy0XtRW4WBTMbWqEANx1wt33yOnFPpb0ANEDXnal9IZUPm_-AIRFyDbIQPcoXH-XLsb0Xl2Qgcq_wE4gHvRvQ3J85IwylkvD1nT0xAVnlMyclUg&sai=AMfl-YQSRjyv8b-Ajk_6ezkHeeVA3b7cnwordPbPKNxxpIDxNu8yPhtgHOXlekx0CNlywjiWkIwqjKVF2G8wWlLUoU_V-XB0BHUuKME_Uc9jpmpdwE0764s2H12-W-BQcvxIVN3s8HJr7A&sig=Cg0ArKJSzJSAwkK4T1cOEAE&cid=CAQSOwDICaaNU0D06uA_NYqTXQESdWJmVz7cEiTtWgxhNvnm54td4jNf-3VS9eTBN99voNyCKzIy9iobp5W6GAE&id=lidar2&mcvt=1001&p=0,119,40,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2865839403&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701721482414&rpt=275&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 35C9 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRIz-HLgQml28WS8mXXlkTvSW0YbZe6u_pN_6OfZeDRNPj2FPtivOppUE_3AqtiUIHDmQ36TuzSbj2h2AbmsUW2faMn5x55mrfHUOLGLkChZYIxOjiDqp3rulp05SfX39Iko0Xa7rwsKeZ7zeimQ7Y82dUM0gbfqiBMIkH9_qAN-QA6yM_wUbbmTNdGVGNHrr2OhOccztgi1cMQVPKti7x9lrmvzEek4U2lGm20XsodjZaHpDTowcby8jEySmqZENvhxSXOSzJiJLqt0wnhM15oWa7pEUr5WcxhQAGN-KXCj36EGBwBpBO9kKFircE44uGesDj3O3wWg8bSj-7K7tzyr10Yih9pVhSeedTKm9NPqAaz_t43w6HpZf8NS9R7qqYo-U3HmETf7yY3sxlxEkMvECAnyysR7QqwApeBYPkI8b93-EbyfmSqHPAqeKuSX-q0Zkg2cp04DTDwRhGR26f9OEipjA_xOwVMvnWvfIZS5OA8JZhg7j-qm5gAjnsRna5Lv8WL9rSQO0P8ZMQ1ooQq0O4Z740pkJen4pdKM4seYBuN-S6Zd-Ye0yKS1-JwzJS3hQpUa6sYYT7dMRC5ym5TAePcAhF2H-t523xRl_VoPh787XYhBrt1qE7o7cBKw1ZRF3vX42ZSBKA1IpS8_ClL_Rls3BOzpaH1qwzNbaZfGGcXAGgFRLgfl0ahrppurHIGrsaC6vytNf-ZiDf_Pd62LYhHqlQ3sQth99lmXr2NWvImKA3qmjx6qDKlj3XAzTcwoA4IVM2HRgzkEylK14Lxo1j-9TdUUkZO5t6wYtmDaLax-SQTdBgZ2y5CcAS4qa_FJVnghngh6Ny-DujjAy6aH08wEOYb73S7bNKPR5N-qmZgACW6WkgDOJYXgLMBtIUkdTMQzEMCKuNNoNnrsMbctMff80uFOSF20mHTYIpsMdYKHHHwR0Z2dENiDWDfSC7zw9hHDelS0BZshnk2lFS3VhSi1x9miRVn1gtYKqwSHLJbz5mt8zY7qdwRnw3H8zLA4XzhMU2FYVdJLGu3lODQUOBHf1xBl6kUDNpgjDA0XD4R9_pxtSLLG28aGBUnpu7jjKASJiFvIGidrNgcw2oKg9uN3oZroh0CMG020aOn_cIGQn7GElYzt8jsBYajgGLy5838PpTJfFY0uMWSyPzkIsC2GyKGektvAcm75YnEKXfzfJzCnhD6f4uo74kg4_3upSbGyH2Y_bVwIbQeY5PsH1OEGnAhz3eCokjNWxeqO4VpF9jC9laDVBbr-MyMePnn8n0bWmXAUJ9zdfgGB6kBRwwUr1GRErvNWYaPcTyXXUY-nWCGBZq-UsA2nvX_Nyh7ya7xJu1FYt-zL2iEQ3n-P4ZwzKDllSp_K9VWyfwS3Fk6WkOYynrWdIWwpd9MmoDAsv_4JyfrJaJ3v6ge6JfpPo98_nD8Aw70U5tLyN2S7besP_3cdeqwwwapI7z1wjDwuOgtgLI0HC-n3-EmziXmiHwu437jM3ZztnHo59seMR_mv_t30lzlQG5sSLbVyWRSX2_dGVilD2vcCDhDU2_XOtVN8VXMKXBKlsmNpPKNqaC5ROYve_QcPSMWs3LY-_RYJlAKjsH7PdvIm6vm1sYJEx60QtAWlR5p2gGg_cy6rvjt7iQUBaExg&sai=AMfl-YRcl_12mP1YmrTO3C0LKj5rWPZKuhA-aDAi3TTrHhb-zgpTa-9n31sF7sldRXTweQyWmL7EMzZRa2BwDMg6o7hmO01Xh9HOve6XYyCLd6IeMdvdtejYXEa6lK8kTfuuOtxFtwS6dSmgz-x4n2JP82MRkXc&sig=Cg0ArKJSzOwIRb2WhL-REAE&cid=CAQSOwDICaaNErTXp58ZYp_io-XtohCGj0abb2fwPviE5-Bvyaq0EvO91fZbwnVycUTrIlUuwNLUhJ_a83wyGAE&id=lidar2&mcvt=1002&p=0,0,100,400&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3645781967&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701721481932&rpt=915&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7DAA 43 B
215 B 92ms
92ms Image
image/gif 2600:1f18:1aca:4281:7849:7d0b:9ce0:4ee
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=b3518ec6-22ce-28b2-289e-cb60e8df08c1&tv=%7Bc:vRIyPR,time:1070,type:e,im:%7Bpci:%7Btdr:1005%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1070,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:35,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1062~0%5D,as:%5B1062~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:95,fm:tXvjV1v+11%7C12%7C131%7C141%7C142%7C15%7C161%7C171%7C181%7C191%7C1a1%7C1a21%7C1a22%7C1a3%7C1b1*.987057-61527764%7C1b11%7C1b12%7C1b13%7C1b14%7C1c1%7C1c2%7C1c31%7C1c4%7C1d1%7C1d2,idMap:1b1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:37,sis:213%7D&br=c
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:7849:7d0b:9ce0:4ee Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:43 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7DAA 43 B
215 B 92ms
92ms Image
image/gif 2600:1f18:1aca:4281:7849:7d0b:9ce0:4ee
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=b3518ec6-22ce-28b2-289e-cb60e8df08c1&tv=%7Bc:vRIyQv,pingTime:0,time:1110,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:35%7D,%7Bpiv:100,vs:i,r:,t:1110%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1110,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:35,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1102~0,0~100%5D,as:%5B1102~160.600%5D%7D%7D,%7Bsl:i,t:1110,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1102~0,0~100%5D,as:%5B1102~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:95,fm:tXvjV1v+11%7C12%7C131%7C141%7C142%7C15%7C161%7C171%7C181%7C191%7C1a1%7C1a21%7C1a22%7C1a3%7C1b1*.987057-61527764%7C1b11%7C1b12%7C1b13%7C1b14%7C1c1%7C1c2%7C1c31%7C1c4%7C1d1%7C1d2,idMap:1b1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:37,sis:213%7D&br=c
Requested by: Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:7849:7d0b:9ce0:4ee Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 css
fonts.googleapis.com/ Frame ED8D 6 KB
706 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=800&slotname=9217757340&adk=205261170&adf=2751417942&pi=t.ma~as.9217757340&w=400&lmt=1701721482&format=400x800&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482193&bpp=1&bdt=93&idt=182&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=611249942&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=200&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079865%2C42532523%2C44807406%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1143667814548548&tmod=358804787&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.gmqjc4jewi00&fsb=1&dtd=186

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 20:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 19:28:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 20:24:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame ED8D 2 KB
831 B 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 12:24:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame ED8D 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 12:23:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame ED8D 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 13:51:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame ED8D 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame ED8D 0
0 17ms
16ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRww3n9esvYrRObGixeSjc02QfF-fr-TFP_DBoghGEzk4evX32ThcsZNPzzJ9UgKcsoiFwAvcDeqtW6il4VfBchV12YXw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=800&slotname=9217757340&adk=205261170&adf=2751417942&pi=t.ma~as.9217757340&w=400&lmt=1701721482&format=400x800&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482193&bpp=1&bdt=93&idt=182&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=611249942&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=200&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079865%2C42532523%2C44807406%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1143667814548548&tmod=358804787&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.gmqjc4jewi00&fsb=1&dtd=186
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED8D 202 KB
64 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:44 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame ED8D 37 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 21:48:35 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6540 1 KB
646 B 8ms
7ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Tue, 05 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/9232505624978569571/ Frame ED8D 45 KB
45 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9232505624978569571/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef885a2c88940c5eebfc428297f976f6c8a403d3c88ea61ee546f96d15700685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:29:09 GMT
x-content-type-options: nosniff
age: 24935
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45924
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 05:04:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 13:29:09 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6252141815858944995/ Frame ED8D 2 KB
2 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6252141815858944995/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ab9a1a240f5fa8e6a5533607c3eec52efc313d3f76b27de25a17f6fbc339d65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:37:31 GMT
x-content-type-options: nosniff
age: 17233
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1560
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 05:04:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 15:37:31 GMT

GET
DATA 200
OK truncated
/ Frame ED8D 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D209 640 B
262 B 50ms
49ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY07TV5gEwAQ&v=APEucNUUt86VlIlaYr48P-gene95HHWs78s8nOjCAyS3eXU_FoyWq5SreyvKAavuMGtzobQx_3buHlLfOdvQIhAUo4T07J9DmFFknZruqftXWDAZ2Ku4H2_jSc6DjJ1F7z4Py0u78sgF_ooxscSvGRadZYOZ6EbwkWElNTVL3FmaJ79ruWJBnIk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=800&slotname=3268206910&adk=2539099357&adf=2751417943&pi=t.ma~as.3268206910&w=400&lmt=1701721482&format=400x800&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482519&bpp=1&bdt=132&idt=274&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721483&ga_hid=194955514&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=220&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1522021407517613&tmod=1452404506&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.yn8z1b2obv7o&fsb=1&dtd=277

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=800&slotname=3268206910&adk=2539099357&adf=2751417943&pi=t.ma~as.3268206910&w=400&lmt=1701721482&format=400x800&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482519&bpp=1&bdt=132&idt=274&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721483&ga_hid=194955514&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=220&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1522021407517613&tmod=1452404506&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.yn8z1b2obv7o&fsb=1&dtd=277
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 33EF 172 KB
60 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 11:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30975
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 11:48:29 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 33EF 7 KB
3 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:42:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 33EF 24 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:42:54 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 33EF 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 16:17:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 33EF 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 13:51:29 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6257 1 KB
646 B 9ms
7ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Tue, 05 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 33EF 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 33EF 202 KB
64 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:24:44 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 33EF 42 B
71 B 41ms
40ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AHmCJf6t18urU1VS3fbeaSsOc6EnZp_ZLj6DqPw9lDuviO5EzsaMjUfPeuKYt4xYMseOgbG1_8KdmAC7bOxMtdkBvrEDGbvXcb4QiN18hdQ_q4WlE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame ED8D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b28074a3952bb3856a5626f277fbb9347853e1a1f315da2bc5c77961ca8c78c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6540
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1&google_push=AXcoOmSZtsBEXEOUaxsD4WaGlTDvLo86EFJQ9Ph35p19UFR08oEbeGSAYm2zrO3p5utnmoP7mTsnc4QtTSQERQ6IvYPMiJ7ah16ilg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMyMDE4NDkyNDE5NDA3Njk4Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1

43 B
398 B

15ms
15ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=800&slotname=9217757340&adk=205261170&adf=2751417942&pi=t.ma~as.9217757340&w=400&lmt=1701721482&format=400x800&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482193&bpp=1&bdt=93&idt=182&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=611249942&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=200&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079865%2C42532523%2C44807406%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1143667814548548&tmod=358804787&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.gmqjc4jewi00&fsb=1&dtd=186
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Dec 2023 20:24:43 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6540
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI6aAb8ZIwTeDMkTPbtk6to&google_cver=1&google_push=AXcoOmTKRSR3kNwvnJD_hz-icZD52w24zf30xKPQ6h19iyWMjrSKoyitg6...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTKRSR3kNwvnJD_hz-icZD52w24zf30xKPQ6h19iyWMjrSKoyitg6KF4Pqx0gix14qU_8SnDd4Ig35RZLjop2P7mCPOvZgQjA&google_hm=OMdCx9Xxbx...

170 B
188 B

17ms
17ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTKRSR3kNwvnJD_hz-icZD52w24zf30xKPQ6h19iyWMjrSKoyitg6KF4Pqx0gix14qU_8SnDd4Ig35RZLjop2P7mCPOvZgQjA&google_hm=OMdCx9Xxbxk0EZlt_G41Ug

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTKRSR3kNwvnJD_hz-icZD52w24zf30xKPQ6h19iyWMjrSKoyitg6KF4Pqx0gix14qU_8SnDd4Ig35RZLjop2P7mCPOvZgQjA&google_hm=OMdCx9Xxbxk0EZlt_G41Ug
pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6540 70 B
148 B 31ms
29ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMnRYDtwXd0KjOtaityal1I&google_cver=1&google_push=AXcoOmSsR3k7LUtkSPH0V9hHk_q9wKoV4kQFPHGlIB14yebloHFsioE9fm4WGSH-Q0ymfu4u7vWea62YekKBYi3mZ-r6c060qIgTSw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=800&slotname=9217757340&adk=205261170&adf=2751417942&pi=t.ma~as.9217757340&w=400&lmt=1701721482&format=400x800&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482193&bpp=1&bdt=93&idt=182&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=611249942&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=200&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079865%2C42532523%2C44807406%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1143667814548548&tmod=358804787&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.gmqjc4jewi00&fsb=1&dtd=186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:44 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6540
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTwp1mq...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTwp1mq...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMDQyMDI0NDQwMDAyMTA4MjEwMTYzOQ%3D%3D&google_push=AXcoOmTwp1mq__-8LyfT8DzBhW42xSJMOLc_ZRlcN5f0YC4l47WXnn9F2dKyoDjPEnI8cR...

170 B
188 B

16ms
16ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMDQyMDI0NDQwMDAyMTA4MjEwMTYzOQ%3D%3D&google_push=AXcoOmTwp1mq__-8LyfT8DzBhW42xSJMOLc_ZRlcN5f0YC4l47WXnn9F2dKyoDjPEnI8cRz7FPXiI9D5ZrXQCgKD2xPW4Buv4ylWOw

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMDQyMDI0NDQwMDAyMTA4MjEwMTYzOQ%3D%3D&google_push=AXcoOmTwp1mq__-8LyfT8DzBhW42xSJMOLc_ZRlcN5f0YC4l47WXnn9F2dKyoDjPEnI8cRz7FPXiI9D5ZrXQCgKD2xPW4Buv4ylWOw
pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 04 Dec 2023 20:24:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6540
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBD6C377ngaMYi3uf9pBuRI&google_cver=1&google_push=AXcoOmQw2vyHVS8C4UhisUJ9xrMfeP3EUOoryBuIuaySEHGT3ziF_7I5Dh0pUN7cJkae-ChbZPM-EVs-QIRYxnmSs9KlJyu...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQw2vyHVS8C4UhisUJ9xrMfeP3EUOoryBuIuaySEHGT3ziF_7I5Dh0pUN7cJkae-ChbZPM-EVs-QIRYxnmSs9KlJyug7_zS4Q&google_hm=eS1RY2Jwd0taRTJwRjZB...

170 B
188 B

19ms
19ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQw2vyHVS8C4UhisUJ9xrMfeP3EUOoryBuIuaySEHGT3ziF_7I5Dh0pUN7cJkae-ChbZPM-EVs-QIRYxnmSs9KlJyug7_zS4Q&google_hm=eS1RY2Jwd0taRTJwRjZBM2Y2Nkc3cy5qbzNUbnZuMmFiVX5B

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Dec 2023 20:24:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQw2vyHVS8C4UhisUJ9xrMfeP3EUOoryBuIuaySEHGT3ziF_7I5Dh0pUN7cJkae-ChbZPM-EVs-QIRYxnmSs9KlJyug7_zS4Q&google_hm=eS1RY2Jwd0taRTJwRjZBM2Y2Nkc3cy5qbzNUbnZuMmFiVX5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 6540 43 B
363 B 46ms
14ms Image
image/gif 178.250.1.9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRM5CEL9ltnNXLx9rwdxyidrFTdE0v49ogOPsx6KDq5nC8Xkcx9skYrPK5DOQJZccmIADOJp-3Ra9itsZNEi5meSA99DA-_Kw&google_gid=CAESEE5bJzMrfxYDVOn5ka877ww&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:43 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 310014
expires: Mon, 04 Dec 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 6540
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEG5ezbXgdRja...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQHs07RDb3Wv1OJYKHR-F4qAnYl1jOxnpUXHdoUZ0yVrL2wliSN9wHG53IPqepLTzWjzDw-xtOGf9K7RV-c_AxpFJLYlJnGGQ
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

44ms
42ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=800&slotname=9217757340&adk=205261170&adf=2751417942&pi=t.ma~as.9217757340&w=400&lmt=1701721482&format=400x800&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482193&bpp=1&bdt=93&idt=182&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721482&ga_hid=611249942&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=200&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079865%2C42532523%2C44807406%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1143667814548548&tmod=358804787&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.gmqjc4jewi00&fsb=1&dtd=186
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 20:24:44 GMT
pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6540 0
12 B 15ms
15ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JT-JROlhiaiyrPsNQp2oestlZSWGWtiR7puAvX4iGfb94oRIB-b6o6GzwoZkjUOcJlNKaiVA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12526237615489777227/ Frame 6830 126 KB
34 KB 42ms
42ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=pF7MLcftgw&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd439dee780e622d5406c1d638c455c67796f5ebe6443f0783358981f3f0310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:44 GMT
expires: Tue, 03 Dec 2024 20:24:44 GMT
last-modified: Tue, 07 Feb 2023 13:03:20 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 33EF 0
0 100ms
50ms Fetch
image/gif 142.250.186.134

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuWe_C7PD_0poqqsYVfExJUblKGdIT3n7w3zI-Me1CjefFyFNtCXFdUkjriTyScqxbwF-oG2Nc86nV9QOYG8RPgJMUtHg1DnVjweY-fJNvQ_bhNhlEfXrMaVCVnOdQK7qxWPp_SMarXKEf9proZaVi1ES7yrKrpHTEfjFLAJifeaKioBfPwtI9J-_LXmZxbH6Fs996K-6_SF-0xPZKBFkyVwVpSlWOJqaY7OeGJ99LbIl7gHGP5fqHTiILrnxfiWhOcDA8Osr_hk7mTgXUJNa6my1QtVKY4wbl2qvzBibZlIt5a5OCv8Dewaqil3xNnFQFGXLQJrilDNbCKTIjiQ17uPslxPDcQgN6OiP7n9LKf9IOdj0f4ngKLrMEv4Sf0C1Z2eJleZ57vSSGB3fz1UWcrdD0Ky6hrmwWCEDDTOQNZ6ty0ixOMUnzfLLI2yK8hmvDxtfZBEttuGhHGcX3rrkesTMtq6rFclVEd4qF4u44PTzP2xTdn9c28OCjQVMDIaFOpkBO0vOoRUoncFFOmPWOtJ9Y3x9BGuyykTQhHBcSnET2yE_qPSuTRlpsYrZ7MwGDfhiqXtLmJGznmM3jopmdsAFqXaEoO_J8GAKY9DnMatDhaIDkHRAdPpUL9-qM_ue8meL1cUlX1yovcvcqnLD0oqS6dAHUtoAvu--Swj-Cqn-eeU_mKTIkarrusL_UlHh61GHAtikSH3SKf9FmxozosmU5MwnNveyawli00mzMeW19K5wjqwmyxUKwYgdl0rPzr1LbRskkkBUsBoJhHh6lNbiAUVMfIZa715ZCS45Ftp9H8w4kakIt1wK-_i7p4gRwLBvi28uVgonkCPLDPA3LfwypQ_g6bMocbsX-yauHhrY-xuR7XGVO7MZ15TVQ1bw0rPH6_F55Fpom9mixHE_0375m1gETsG_PdJ1mIW6nCVVjq2XhbojsL4EYufs4lqkXYCuCE06D1Vwkrqxn-jj-Op6zYa4aS-o2S9xK26CNulub1ahoIaI06GMiQX2gAIURVxyP4qx0HZOEXMkdWuf_ZVvYedy8lMsBZY92apmP1mlFUNqBnVf7-z6AGE6m0O-0Oo3516xuuk1PZVK4ZJKHqeuk3GSHIDtR3Ij-Fv3ts8EzqfRX1Ekyezo80IYlrraHJFYZp_JHPFdAKPVbPY8wHOwW5iKQCT_PRxXRb9QjyBs62cWnMH2i3wl65f7GhPRv01RKQhDY50gIn7YxWhG0iN5l-lSKYBUvp_GfyWAm30k7OKTQyCnOnpE7jFchL93vv0Wg2DdZoQCzjoyIi7EJ_CR4aXHZ50VhJybQMDyVg5DWoM-yRoKzSL0Kr92oMvY8oXKUDuM0PhZcDiyh3d-QieheZZQX1hQhewxdpx4AqC-WLkZKkB_X8thFwiAAtfwU6tjEJ60yN8JJiVaG1v6YvGV2uopWZnz5a-pQcfGDUa5OZDO3txjmo8A5vbZ9z&sai=AMfl-YQWvly2Wdm44SjKUtQ3suLGgptRMRarXTBEN0yrZJlVQo204EiS-h7TCoKHmpSAyyj0s9WA_t4oOzfqJaSeKZvkrwTj-48L4UPxrHpETL9Y_pdbf7mOxDeiCqwoSPJQXq0EolA9iZy7MQZvixt_tI91GnFI_ueOTiHTY9BoVd1DZSps1YA4_9y0JMs6mWQHykOxIAscC576BWolKGE8lHE6rgCACPpEZOIkCaPuO7RHBNvwMwnZ4umh1v4SyMDFb38M3CjfiveVAfCHPN7Y-w6WEMNvhmik4cHzWsi0UPFEW1v1XPtqG31x6OEEiFE7gS2mJv7Vq3K-0WyAr10ORBcGxcPf9TsASIzpBjK7sX3WyqVKQYABtW91w0-od9JCpWde0v3qeqgOotqt0XcrFEyfERPANrcGw4bTRqkH&sig=Cg0ArKJSzDPDkbRNWisUEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9nZW5lc2lzLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=81&cbvp=1&cstd=70&cisv=r20231129.55141&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 20:24:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ED8D 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 197255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 13:37:09 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ED8D 15 KB
16 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 272723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:39:21 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ED8D 15 KB
15 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:38 GMT
x-content-type-options: nosniff
age: 443646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:10:38 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D209
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECaAVf9xILnZq3M_TJQIboA&google_cver=1

43 B
105 B

19ms
18ms

Image
image/gif

34.98.64.218

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECaAVf9xILnZq3M_TJQIboA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY07TV5gEwAQ&v=APEucNUUt86VlIlaYr48P-gene95HHWs78s8nOjCAyS3eXU_FoyWq5SreyvKAavuMGtzobQx_3buHlLfOdvQIhAUo4T07J9DmFFknZruqftXWDAZ2Ku4H2_jSc6DjJ1F7z4Py0u78sgF_ooxscSvGRadZYOZ6EbwkWElNTVL3FmaJ79ruWJBnIk
Protocol: H2
Server: 34.98.64.218 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECaAVf9xILnZq3M_TJQIboA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame D209 43 B
295 B 44ms
16ms Image
image/gif 34.98.64.218

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY07TV5gEwAQ&v=APEucNUUt86VlIlaYr48P-gene95HHWs78s8nOjCAyS3eXU_FoyWq5SreyvKAavuMGtzobQx_3buHlLfOdvQIhAUo4T07J9DmFFknZruqftXWDAZ2Ku4H2_jSc6DjJ1F7z4Py0u78sgF_ooxscSvGRadZYOZ6EbwkWElNTVL3FmaJ79ruWJBnIk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame D209
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEKqi-Y4VcIKdASKqwSmMw6E&google_cver=1

23 B
163 B

34ms
33ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEKqi-Y4VcIKdASKqwSmMw6E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY07TV5gEwAQ&v=APEucNUUt86VlIlaYr48P-gene95HHWs78s8nOjCAyS3eXU_FoyWq5SreyvKAavuMGtzobQx_3buHlLfOdvQIhAUo4T07J9DmFFknZruqftXWDAZ2Ku4H2_jSc6DjJ1F7z4Py0u78sgF_ooxscSvGRadZYOZ6EbwkWElNTVL3FmaJ79ruWJBnIk
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 20:24:44 GMT
pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEKqi-Y4VcIKdASKqwSmMw6E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame D209 23 B
163 B 33ms
32ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY07TV5gEwAQ&v=APEucNUUt86VlIlaYr48P-gene95HHWs78s8nOjCAyS3eXU_FoyWq5SreyvKAavuMGtzobQx_3buHlLfOdvQIhAUo4T07J9DmFFknZruqftXWDAZ2Ku4H2_jSc6DjJ1F7z4Py0u78sgF_ooxscSvGRadZYOZ6EbwkWElNTVL3FmaJ79ruWJBnIk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 20:24:44 GMT
pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 33EF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6185dace2f080c93c07b0d2c05ebfbe8e0dd7ebcf4178bb9e34b9425ab0b629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6257
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1&google_push=AXcoOmSU4_46SHLmfDu1mIratgX9xMKggC6ubHDqfyhePd_06-Q9OH4T9UBck_7rzrgSt0BmIMX80XVmm-8WTFbkTBMdIeI3kiPLXg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMyMDE4NDkyNDE5NDA3Njk4Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1

43 B
398 B

14ms
14ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=800&slotname=3268206910&adk=2539099357&adf=2751417943&pi=t.ma~as.3268206910&w=400&lmt=1701721482&format=400x800&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482519&bpp=1&bdt=132&idt=274&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721483&ga_hid=194955514&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=220&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1522021407517613&tmod=1452404506&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.yn8z1b2obv7o&fsb=1&dtd=277
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Dec 2023 20:24:43 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJV5vNzr6jv6qTSyRC9iRP4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6257
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI6aAb8ZIwTeDMkTPbtk6to&google_cver=1&google_push=AXcoOmTFCR3_pFbKfIPySd69lT1gLY4Yeu-5nJJri_QIOFv8LA7oxrid5h...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTFCR3_pFbKfIPySd69lT1gLY4Yeu-5nJJri_QIOFv8LA7oxrid5h32t3BEiyK_mHnT-5LBdJ0WOiZR15s0L6aZtLE_gKiL&google_hm=OMdCx9Xxbxk0...

170 B
188 B

21ms
21ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTFCR3_pFbKfIPySd69lT1gLY4Yeu-5nJJri_QIOFv8LA7oxrid5h32t3BEiyK_mHnT-5LBdJ0WOiZR15s0L6aZtLE_gKiL&google_hm=OMdCx9Xxbxk0EZlt_G41Ug

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTFCR3_pFbKfIPySd69lT1gLY4Yeu-5nJJri_QIOFv8LA7oxrid5h32t3BEiyK_mHnT-5LBdJ0WOiZR15s0L6aZtLE_gKiL&google_hm=OMdCx9Xxbxk0EZlt_G41Ug
pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6257
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMkEFp9JQLcGSe6gwA2aAow&google_cver=1&google_push=AXcoOmRZWDgQVbTRnwfgB7ONorIJwNXz0fnIIafuO5wEqyPnbLrnDoeMZgPkkLm1YiRJwZ4CQBfqOmYr4tSEe--vGXFrPmeby3rJ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E472F6FCE72340EAAF5D865571F5E246&google_push=AXcoOmRZWDgQVbTRnwfgB7ONorIJwNXz0fnIIafuO5wEqyPnbLrnDoeMZgPkkLm1YiRJwZ4CQBfqOmYr4tSEe--...

170 B
188 B

18ms
18ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E472F6FCE72340EAAF5D865571F5E246&google_push=AXcoOmRZWDgQVbTRnwfgB7ONorIJwNXz0fnIIafuO5wEqyPnbLrnDoeMZgPkkLm1YiRJwZ4CQBfqOmYr4tSEe--vGXFrPmeby3rJ

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Dec 2023 20:24:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E472F6FCE72340EAAF5D865571F5E246&google_push=AXcoOmRZWDgQVbTRnwfgB7ONorIJwNXz0fnIIafuO5wEqyPnbLrnDoeMZgPkkLm1YiRJwZ4CQBfqOmYr4tSEe--vGXFrPmeby3rJ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Dec 2023 20:24:44 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 6257 43 B
145 B 12ms
7ms Image
image/gif 3.121.8.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEDCe7Rr6A2xIfyhNhvpSv1Y&google_cver=1&google_push=AXcoOmQsWROxJte5qi7-Sxrk9dvWHt1Lbk8g_DgC_s1l1f7ZRlsQrTV1Z47c8kavckAtTQA0AV6odwL4zh_PuITESnq1XLbfNhFQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=800&slotname=3268206910&adk=2539099357&adf=2751417943&pi=t.ma~as.3268206910&w=400&lmt=1701721482&format=400x800&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482519&bpp=1&bdt=132&idt=274&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721483&ga_hid=194955514&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=220&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1522021407517613&tmod=1452404506&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.yn8z1b2obv7o&fsb=1&dtd=277
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.8.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-8-101.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 6257 43 B
362 B 17ms
12ms Image
image/gif 178.250.1.9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTQMXiCwl8uaVo4H1A1Mdpsl-WmIOUVC-cwfqOlF4ZVnbdJa7jqtRhIdZ7EQ8lJPRzHB3yIXTjxvCaPxWkOiepuBg0KvmT_&google_gid=CAESEE5bJzMrfxYDVOn5ka877ww&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:43 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 193982
expires: Mon, 04 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6257
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHqeDKsC6mU6JxfSJB2jrAY&google_cver=1&google_push=AXcoOmQnkX7DCaq2OdpP2SPbeyvHv21xfgMEkimG_4AgNK1EB-ctu2KmXtW9Eteuplwv1lkyoHSlggw7VJx9...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQnkX7DCaq2OdpP2SPbeyvHv21xfgMEkimG_4AgNK1EB-ctu2KmXtW9Eteuplwv1lkyoHSlggw7VJx9sO0g4QWpsrAS23BzEg

170 B
188 B

19ms
19ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQnkX7DCaq2OdpP2SPbeyvHv21xfgMEkimG_4AgNK1EB-ctu2KmXtW9Eteuplwv1lkyoHSlggw7VJx9sO0g4QWpsrAS23BzEg

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQnkX7DCaq2OdpP2SPbeyvHv21xfgMEkimG_4AgNK1EB-ctu2KmXtW9Eteuplwv1lkyoHSlggw7VJx9sO0g4QWpsrAS23BzEg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 6257
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEG5ezbXgdRja...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTUWc_5O60n-qDjn5uB6moa2GTTD2lFpx3ikb23ywJIrAhSRbLi8h3TU8MOOqonL7oFjxWoQMCfd474ji3L9joQcaNBdNJ-_g
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

45ms
44ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=800&slotname=3268206910&adk=2539099357&adf=2751417943&pi=t.ma~as.3268206910&w=400&lmt=1701721482&format=400x800&url=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701721482519&bpp=1&bdt=132&idt=274&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&cookie=ID%3D63add8d246e9183a%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw&gpic=UID%3D00000ce2fc1480a5%3AT%3D1701721478%3ART%3D1701721478%3AS%3DALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng&prev_fmts=0x0&nras=1&correlator=3125074850772&frm=21&ife=1&pv=1&ga_vid=354379157.1701721477&ga_sid=1701721483&ga_hid=194955514&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=600&ady=220&biw=1600&bih=1200&isw=1600&ish=1200&ifk=1763885081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1522021407517613&tmod=1452404506&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.yn8z1b2obv7o&fsb=1&dtd=277
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 20:24:44 GMT
pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6257 0
12 B 16ms
15ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ICePWL1NYEUhr4YDLNd6l99x01ongFBDNrSuUfbKsGvyK4UJZN_N9bADvIAzThQgje8EgiCg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame DFBE 38 KB
13 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 12:06:25 GMT
expires: Tue, 03 Dec 2024 12:06:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame ED8D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Csf0CijVuZbKsIYOwgQPAt5L4C4G8idB02tSH4pISzoj_gNQCEAEgzs6GaGCVqpSCoAegAejR1M4DyAEJqQJfaGHw1zSyPqgDAcgDywSqBN8CT9CZmSmkJz37OvxSS8cYwCSMuiyZWTQLYLd...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210702709974352125235%22,%22debug_reporting%22:true,%22destination%22:%22https://elithair.de%22,%22event_report_window%22:%...

0
0

43ms
42ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210702709974352125235%22,%22debug_reporting%22:true,%22destination%22:%22https://elithair.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22970270952%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217489943315705022865%22}&andc=true

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10702709974352125235","debug_reporting":true,"destination":"https://elithair.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["970270952"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"17489943315705022865"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Dec 2023 20:24:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 20:24:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10702709974352125235","debug_reporting":true,"destination":"https://elithair.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["970270952"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"17489943315705022865"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 6830 118 KB
40 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=pF7MLcftgw&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=pF7MLcftgw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 04:12:33 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=484071371&t=event&_s=4&dl=https%3A%2F%2Fnewsmoi24h.com%2Ftrabtv%2Fdj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom%2F4346%2F&ul=en-us&de=UTF-8&dt=DJ%20Mie%20b%E1%BA%A5t%20ng%E1%BB%9D%20c%C3%B3%20h%E1%BB%A3p%20%C4%91%E1%BB%93ng%20b%C3%A9o%20b%E1%BB%9F%20h%E1%BA%ADu%20chia%20tay%20H%E1%BB%93ng%20Thanh%3A%20B%E1%BB%8B%20tung%20c.l.ip%20b%E1%BB%8Bt%20m%E1%BB%93m%3F%20-%20Newsmoi24h&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=newsmoi24h.com&cs=PTO_MB&cm=&cc=&ec=newsmoi24h.com&ea=PTO_MB&el=google-ads&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=354379157.1701721477&tid=UA-206083988-2&_gid=1612259780.1701721482&z=1562608562

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 21:39:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81894
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame E97B 51 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:35:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 13:35:31 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DAA 0
28 B 41ms
40ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1176457330292&version=m202309260101&ct=76&x=1&cor=1814852997444576800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
42ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 20:24:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame DFBE 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:45:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 17:45:17 GMT

GET
H3 200 GenesisSansText-Regular.woff2
s0.2mdn.net/sadbundle/12526237615489777227/ Frame 6830 37 KB
37 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12526237615489777227/GenesisSansText-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=pF7MLcftgw&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46b2dc3fc5e9ccbcde38dfcc96d4545befae794ae947ea3602693f2e7126b057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=pF7MLcftgw&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:35 GMT
x-content-type-options: nosniff
age: 165189
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38296
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 22:31:35 GMT

GET
H3 200 GenesisSansHead-Light.woff2
s0.2mdn.net/sadbundle/12526237615489777227/ Frame 6830 23 KB
23 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12526237615489777227/GenesisSansHead-Light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=pF7MLcftgw&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bba2d5622e1a33c1bd924e07f396c234a390f0bf9bb5fd1394521df422ad3607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=pF7MLcftgw&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:48:31 GMT
x-content-type-options: nosniff
age: 290173
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23900
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 11:48:31 GMT

GET
H3 200 GenesisSansHead-Regular.woff2
s0.2mdn.net/sadbundle/12526237615489777227/ Frame 6830 23 KB
23 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12526237615489777227/GenesisSansHead-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=pF7MLcftgw&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43cbe861b09360a856de530e3aac37acab9201d0eb166c906b26e0f71fc6ff23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=pF7MLcftgw&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:48:31 GMT
x-content-type-options: nosniff
age: 290173
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23636
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 11:48:31 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 33EF 0
0 46ms
45ms Fetch
image/gif 142.250.186.134

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuWe_C7PD_0poqqsYVfExJUblKGdIT3n7w3zI-Me1CjefFyFNtCXFdUkjriTyScqxbwF-oG2Nc86nV9QOYG8RPgJMUtHg1DnVjweY-fJNvQ_bhNhlEfXrMaVCVnOdQK7qxWPp_SMarXKEf9proZaVi1ES7yrKrpHTEfjFLAJifeaKioBfPwtI9J-_LXmZxbH6Fs996K-6_SF-0xPZKBFkyVwVpSlWOJqaY7OeGJ99LbIl7gHGP5fqHTiILrnxfiWhOcDA8Osr_hk7mTgXUJNa6my1QtVKY4wbl2qvzBibZlIt5a5OCv8Dewaqil3xNnFQFGXLQJrilDNbCKTIjiQ17uPslxPDcQgN6OiP7n9LKf9IOdj0f4ngKLrMEv4Sf0C1Z2eJleZ57vSSGB3fz1UWcrdD0Ky6hrmwWCEDDTOQNZ6ty0ixOMUnzfLLI2yK8hmvDxtfZBEttuGhHGcX3rrkesTMtq6rFclVEd4qF4u44PTzP2xTdn9c28OCjQVMDIaFOpkBO0vOoRUoncFFOmPWOtJ9Y3x9BGuyykTQhHBcSnET2yE_qPSuTRlpsYrZ7MwGDfhiqXtLmJGznmM3jopmdsAFqXaEoO_J8GAKY9DnMatDhaIDkHRAdPpUL9-qM_ue8meL1cUlX1yovcvcqnLD0oqS6dAHUtoAvu--Swj-Cqn-eeU_mKTIkarrusL_UlHh61GHAtikSH3SKf9FmxozosmU5MwnNveyawli00mzMeW19K5wjqwmyxUKwYgdl0rPzr1LbRskkkBUsBoJhHh6lNbiAUVMfIZa715ZCS45Ftp9H8w4kakIt1wK-_i7p4gRwLBvi28uVgonkCPLDPA3LfwypQ_g6bMocbsX-yauHhrY-xuR7XGVO7MZ15TVQ1bw0rPH6_F55Fpom9mixHE_0375m1gETsG_PdJ1mIW6nCVVjq2XhbojsL4EYufs4lqkXYCuCE06D1Vwkrqxn-jj-Op6zYa4aS-o2S9xK26CNulub1ahoIaI06GMiQX2gAIURVxyP4qx0HZOEXMkdWuf_ZVvYedy8lMsBZY92apmP1mlFUNqBnVf7-z6AGE6m0O-0Oo3516xuuk1PZVK4ZJKHqeuk3GSHIDtR3Ij-Fv3ts8EzqfRX1Ekyezo80IYlrraHJFYZp_JHPFdAKPVbPY8wHOwW5iKQCT_PRxXRb9QjyBs62cWnMH2i3wl65f7GhPRv01RKQhDY50gIn7YxWhG0iN5l-lSKYBUvp_GfyWAm30k7OKTQyCnOnpE7jFchL93vv0Wg2DdZoQCzjoyIi7EJ_CR4aXHZ50VhJybQMDyVg5DWoM-yRoKzSL0Kr92oMvY8oXKUDuM0PhZcDiyh3d-QieheZZQX1hQhewxdpx4AqC-WLkZKkB_X8thFwiAAtfwU6tjEJ60yN8JJiVaG1v6YvGV2uopWZnz5a-pQcfGDUa5OZDO3txjmo8A5vbZ9z&sai=AMfl-YQWvly2Wdm44SjKUtQ3suLGgptRMRarXTBEN0yrZJlVQo204EiS-h7TCoKHmpSAyyj0s9WA_t4oOzfqJaSeKZvkrwTj-48L4UPxrHpETL9Y_pdbf7mOxDeiCqwoSPJQXq0EolA9iZy7MQZvixt_tI91GnFI_ueOTiHTY9BoVd1DZSps1YA4_9y0JMs6mWQHykOxIAscC576BWolKGE8lHE6rgCACPpEZOIkCaPuO7RHBNvwMwnZ4umh1v4SyMDFb38M3CjfiveVAfCHPN7Y-w6WEMNvhmik4cHzWsi0UPFEW1v1XPtqG31x6OEEiFE7gS2mJv7Vq3K-0WyAr10ORBcGxcPf9TsASIzpBjK7sX3WyqVKQYABtW91w0-od9JCpWde0v3qeqgOotqt0XcrFEyfERPANrcGw4bTRqkH&sig=Cg0ArKJSzDPDkbRNWisUEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9nZW5lc2lzLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=357&vt=11&dtpt=276&dett=3&cstd=70&cisv=r20231129.55141&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: newsmoi24h.com
URL: https://newsmoi24h.com/trabtv/dj-mie-bat-ngo-co-hop-dong-beo-bo-hau-chia-tay-hong-thanh-bi-tung-c-l-ip-bit-mom/4346/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 57ms
57ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231130&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12450
x-xss-protection: 0

GET
H3 200 sodar
pagead2.googlesyndication.com/getconfig/ Frame 6830 7 KB
6 KB 49ms
48ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5806
x-xss-protection: 0

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/12526237615489777227/ Frame 6830 8 KB
8 KB 13ms
13ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12526237615489777227/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2a78ec0800976a7fbcd2f14881e6be9588f6f95d7e2ebcae41236f6ecfe3206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=pF7MLcftgw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 19:01:26 GMT
x-content-type-options: nosniff
age: 264198
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8111
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 19:01:26 GMT

GET
H3 200 60015186_20230202011652528_award_logo_300x600_default.png
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame 6830 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230202011652528_award_logo_300x600_default.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66dfd53134d5f32c3f4b280c7e7c7aa4e64600ea3ed8d2e15d4ae3b5ac1e93af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=pF7MLcftgw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:16:13 GMT
x-content-type-options: nosniff
age: 18511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2476
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 09:16:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 15:16:13 GMT

GET
DATA 200
OK truncated
/ Frame 6830 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 60015186_20230713054309302_300x600_eGV70_image4.jpg
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame 6830 377 KB
377 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230713054309302_300x600_eGV70_image4.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b47aea03ab095b6ed724fa618bab70114990ebd77725eb481e9791b288f8957b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=pF7MLcftgw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:29:30 GMT
x-content-type-options: nosniff
age: 78914
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 386415
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 12:43:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Dec 2023 22:29:30 GMT

GET
H3 200 sodar2.js
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsmoi24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 20:24:44 GMT

GET
H3 200 sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6830 17 KB
6 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 20:24:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DFBE 0
28 B 42ms
42ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bty-MijVuZcnbOsSRgQPVmLfgBwAAAAA4AeAEAg&bg=!6eql6qXNAAY3kmNgF5I7ADQBe5WfOFVAC1jfnt2Pe4pHdDSMNCKPAY978CQAlMzFMAShMU5YbFfDAt3JhljAtMO__SiCAgAAAGpSAAAAA2gBBwoAaIZaVQARNybCaXMdcCY3NEj21lpNs46v-ne1bFKNhdhgIPcWywS-lynZbecqupp_iUtMlnPAiXIazM3p3Ko_PBEOAwSPiB7UaCQHfmbCdbZwyqEAXuaWnLWqkEaXcVYt4fy2TdcG3HdSmQMc688dM5glK83PPkaphmkkOrZ8TzHNBch8CWBIA6Dz-YDC0EjSHVlbGVlPCh5Eqmn22-9KO9eROFaxVHUdNw2qCwsodvIaEF1Ou_ILXR12vNGEYzUBuzNxr5lSdJr252cIVhkrrGW0A39HM3S9_MBkgQuz_Fomg1JLSafbko--dyH_OeWGo2AJmNwZe97qEIjhWXMQTEKbhWLipuqqjhvU0BYnaKWwk3UvPd7BY3YqtWff98LlJj4iuqq086XKxnwAL81ZGFFusJTu3PBqaexef1eIUUcLimE_fSysjWxZ8JNQ-9yjOBoD2peMGdlu-BN68PnqOzVyPs7RxfQ_JnvjiphXhrHGbV4Kyc---3gtHkO_LwBlyCQsrwS7A5IMuoQRuzl-iC0ruXhIZ9pnaTPdRXMasqqGN2mDMV9ynBmZqbgzWZc-3Db1j5vqEsD-McRSjjF7FMNP1Hbf-AitDBMV7bn3ervYQ-pNz0Moel-fkligeSSlb4wqtFn6mOzuhekw-iLpqGsnIJ3owH2bvM7_ii-xw4Ol5gcdUfMGc5FR9R4KW1ykB6QjnB2MvdgWj2JdJP0qxIBEk7XiVpMto7zqOyjVz8hqtnXf7QVKUjehtabNF-sBB8hYEauMfDaPtf4XRCsxu09HZqwDUj1rPbhr-D_V2_IxNTCprEn4anAzN584PcvH1lMfP4kI06hk7YHei1Mh2KL4t1Aqyo4g1o9lEQ9c2twNZfjj7F8Am68EgZboZluCJtxyuR8_H9zMOe3AbPFapPj5A5N2hozrpV_0845Atz3F0_Rhdp0occFWG3Zbza99l2CBM84u3pMNIRJfA019-9fpTPrwyazSdCDbIEwL8nJHEXqM_FcC2hMCa2IhJjIwfbCP77C-CRLRcPlE9Z2CB5ed_vigRJxOa5QQufJt_7tMLE0JpXnilYXskcBTfJ_SYS6by2msfVmnbvZEpwPJtMQLsF1tWwzWvo8fpK3Pcjfp-NS2_qx-KoLmj7CAebhjkeqozH1PqhyiYM4iiEBr4N2U564gFdQbOfEuHWiJFR_yBH7TmnPp7Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:24:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D9F5 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19533
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 14:59:11 GMT
expires: Tue, 03 Dec 2024 14:59:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 342E 829 B
560 B 19ms
19ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UAqeWWnM0T2Npp5OeAqUcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsmoi24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-UAqeWWnM0T2Npp5OeAqUcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:24:44 GMT
expires: Mon, 04 Dec 2023 20:24:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame D9F5 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:45:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 17:45:17 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 94EC 39 KB
0 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:45:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 17:45:17 GMT

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.newsmoi24h.com/	1970-01-21 02:18:01	Name: _ga_X8L2YQZR47 Value: GS1.1.1701721477.1.0.1701721477.0.0.0
.mgid.com/	1970-01-20 16:42:03	Name: __cf_bm Value: aTrbF4rSN_7CBuwk89oWneZe62m8GrLBnptOf5Dwi.I-1701721477-0-AX6SI1/p1xJ9zXr6JlJaNrG8cVj+2cCkpHvVzi6M8jf+GTfPcKT4WNzA89xgR4HOGApYKPs2S/qhDEGPrLLotGw=
newsmoi24h.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1542856%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221701721477866%22%7D%7D
newsmoi24h.com/	1970-01-20 17:25:13	Name: _pbjs_userid_consent_data Value: 3524755945110770
.aj1559.online/	1970-01-21 02:18:01	Name: UUID Value: 7669248a-3e91-54a6-90eb-47d8266095ed
.newsmoi24h.com/	1970-01-21 02:03:37	Name: __gads Value: ID=63add8d246e9183a:T=1701721478:RT=1701721478:S=ALNI_MaKKLLs-U5ErQ5CLYrcwH894LTECw
.newsmoi24h.com/	1970-01-21 02:03:37	Name: __gpi Value: UID=00000ce2fc1480a5:T=1701721478:RT=1701721478:S=ALNI_MaNcDMEv9XtW9lKrhKT6UDQnFzxng
.doubleclick.net/	1970-01-20 16:42:05	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:03:37	Name: IDE Value: AHWqTUna_Jm83BqMXNWiXBE2rhUYSBSTQRmxVVhLmj69tIK0KdEf3C2xrd6oEtfUZTI
.doubleclick.net/	1970-01-20 21:01:13	Name: APC Value: AfxxVi5B9__qVwFtMHeH4fID8dV3guF0jMhTpFqh8H26wlDxJmkRyw
.googleadservices.com/	1970-01-20 18:51:37	Name: ar_debug Value: 1
.newsmoi24h.com/	1970-01-21 02:18:01	Name: _ga Value: GA1.2.354379157.1701721477
.newsmoi24h.com/	1970-01-20 16:43:27	Name: _gid Value: GA1.2.1612259780.1701721482
.newsmoi24h.com/	1970-01-20 16:42:01	Name: _gat_PTO_MB Value: 1
.casalemedia.com/	1970-01-21 01:27:37	Name: CMID Value: ZW41iuYu5JAqJG5FdoOIBQAA
.casalemedia.com/	1970-01-20 18:51:37	Name: CMPS Value: 3313
.casalemedia.com/	1970-01-20 18:51:37	Name: CMPRO Value: 3313
.adnxs.com/	1970-01-20 18:51:37	Name: uuid2 Value: 4344411322447484206
.adnxs.com/	1970-01-20 18:51:37	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%wl?iyp!]tbPl1M>e)ZlrFUfJ+tGXxom8bZe_DE)8laWKFKCam=gK%b/V^xCv/-RVoAbpRzqF1`ba0^Kz3r
.quantserve.com/	1970-01-20 18:51:37	Name: d Value: EHgBCQHKKoEA
.quantserve.com/	1970-01-21 02:12:15	Name: mc Value: 656e358a-b60ce-864a8-038f2
.adform.net/	1970-01-20 17:26:39	Name: C Value: 1
.adform.net/	1970-01-20 18:08:25	Name: uid Value: 5078079218368518984
.ctnsnet.com/	1970-01-21 01:27:37	Name: cid_9afc0c6cf6cb4833b482b02e9b5efb70 Value: 1
.ctnsnet.com/	1970-01-21 01:27:37	Name: gid_CAESEB-l0q3qCvGd0EbNfkdLyUw Value: 1
.travelaudience.com/	1970-01-21 02:13:42	Name: _tracker Value: %7B%22UUID%22%3A%22886BB48F-A478-42FB-11B7-73D082A0906D%22%7D
.everesttech.net/	1970-01-21 01:27:37	Name: everest_g_v2 Value: g_surferid~ZW41igAEf9OvOwBU
.innovid.com/	1970-01-20 18:51:37	Name: uuid Value: a0132676-1a3a-46a9-ba81-68ba8a5bd6cf-20231204 15:24:42
.tribalfusion.com/	1970-01-20 18:51:37	Name: ANON_ID Value: annt6ZaoZdUQdR2Hp9uswmOXmI3ZdM9qKM9AHNpqqW1UN5EiBJtogWVjFSNaY55w6uxmSW9uQk3bmrBfP2cg2ZaHBHjy2ZbSP
.turn.com/	1970-01-20 21:01:13	Name: uid Value: 4320184924194076986

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mts0.google.com/vt/data=YDss0CWvj0zs6SPfO4u1l9kK8F2UGREaAJi4c7Iyefgn8x28Dqioa9u8HELt0Zo-c9A0zYQDmJlstV2BPLzb_6sTV7C2s0upviHYh_CDkeJlAyB6aROemuIlmA Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1(Line 17) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQrGF1qSD_K2gx-QVijTEO8q16g-Wn2CIWYE4rmiar0kZ4JZFMXSLM7yuHuAplGWHWro4wlLyNMCJclMP0_Z12QQ9Ow410U73n3U7_2cI3O2UM-UPQgzuSZyZsgxViZrUDP37dRqJiEHokbesfNDNX7EtI&google_gid=CAESEFn8vm0pQTmMG9RBp0YYgNM&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ads.eu.criteo.com
ads.pubmatic.com
ads.travelaudience.com
ag.innovid.com
aj1559.online
bid.g.doubleclick.net
c.mgid.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.id5-sync.com
cdn.mgid.com
cl.imghosts.com
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
csi.gstatic.com
csm.eu.criteo.net
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
id5-sync.com
imasdk.googleapis.com
ius.ctnsnet.com
jsc.mgid.com
kenh14cdn.com
lb.eu-1-id5-sync.com
match.adsrvr.org
mts0.google.com
newsmoi24h.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
r.turn.com
r1---sn-4g5lzney.c.2mdn.net
r4---sn-4g5edn6y.c.2mdn.net
region1.google-analytics.com
s-img.mgid.com
s.tribalfusion.com
s0.2mdn.net
secure.gravatar.com
server.zmedia.vn
servicer.mgid.com
static.adsafeprotected.com
static.criteo.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
123.30.177.125
141.95.33.120
141.95.98.65
142.250.184.226
142.250.185.226
142.250.186.134
151.101.66.49
172.217.23.98
172.64.151.101
173.194.76.156
178.250.1.6
178.250.1.9
185.89.211.12
2001:4860:4802:32::36
212.124.124.8
23.35.236.201
23.35.237.56
2600:1f18:1aca:4281:7849:7d0b:9ce0:4ee
2600:9000:2127:4e00:8:48e:53c0:93a1
2606:4700:10::6816:3556
2606:4700:1::6813:854c
2606:4700:3036::ac43:bdba
2606:4700:4400::ac40:9281
2606:4700::6812:18ad
2607:f8b0:4002:c11::78
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:1b::6
2a00:1450:4001:806::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:f::9
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a04:fa87:fffe::c000:4902
2a05:d018:d29:3602:8b08:3c9:f238:ee96
2a05:d01c:1d8:8100:9449:420b:1a77:b906
3.121.8.101
34.160.236.64
34.98.64.218
35.186.193.173
35.190.0.66
35.204.74.118
35.244.174.68
35.71.131.137
37.157.4.29
42.112.37.34
46.228.164.11
51.89.9.253
54.78.201.127
69.192.160.219
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01dda7268541361264fd798981493c9d5ce54a9822f37647130f359610382095
02d8d8d1d3f164722d3aae632d7f0847fa5e99e1f0bc0442043779016dc2f500
07acb32729e17bc7cdd9f0496c1c24dd12dfc2d51da123a9d9d65cbd4f2d76e8
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09a339edf74660c7981301176fde5410bb710468d1c5365493af4052bcbc6e87
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0aeb645323b093e1ea688255e391cb93837302ada4648e6d7f575fa49c9dacba
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd439dee780e622d5406c1d638c455c67796f5ebe6443f0783358981f3f0310
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c8452bbd09486d33e5eef4d8f7baa4fc670defdd589d480b67a8c03d46c90d7
0e1536ec01be2959f60ab02b0194f62521734031080914187efc25e482fefdc9
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0ef9de188fb50864cbb9ea2dfd74e20ec9e36d2328fdd239493fcbcffeb89aaf
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
140255b1b7ab74540c43f24ca70b71279af6f27922dcc04f75b408c29d659d50
15ae90cedd0652ad90b14f826de3bfb35fd996ba8e3a9eaf40dceabf72750da0
15d9597c95c96bc8fb99e9347ad55be9171d6bb50026a032171b0b77f5bea929
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17911c30c68a58a54074106330311fd8d38c1db40d656373a00a8dd512090b1c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ab9a1a240f5fa8e6a5533607c3eec52efc313d3f76b27de25a17f6fbc339d65
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1c8c35a6168eb6834bac2920bb41bc8e36623872d19b30bc3593c6b0d8e1091e
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d351c9ee0a5a4e73582e31a3d3a8432f0a952ee396dc5cea4c5f18e28a07e27
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
203e16befaebcf98b658d29cf6b23017783cea9b34ffd91438904aa2c1ca9e2e
209cf412071f77771f7a2fdba45149911fecb5c892cecc517ecfec986c96d5d9
223faaa9c651812ee6a00e19dc119fc0bef29c16c41e5f55fe47daad95f4456a
23036658725405b74ec18faff686a81a4a4a6fdcf886a3ed9954c133d08f349e
25423574fba4f8b00cee863e96c126c0d5a9e3f8cfd48021a8a01336201f98d1
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
28676f932a88b49b887aa01f46bdfb2f7acf54e14339286b0c05409c249ede67
2894de5990f56d5861a7a1251ac4301bc23cab1a17744a934eca17179403d2fd
28aa1fdfa11edd297d99adb46c782287f8ae4f4f5ec2ceee3f145252ec1228e6
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2a6ccf5b27b10e3936d42b3222371e7ed8b9cecb5c4911521725601707e1420d
2ecca851b7fa5f2b3bcf747bf72de5dc4e387fe19850ca858a12e71a7411679c
2ed88873006c9435e8b054d445f647e73afad5fe0df02636bed3f9a689a19c5e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
303859fcfce282ad2305a11b91fface2302142475c8968b146731622a1428a31
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3171fc2cecfe1c3d875ae060c2a369801730efb9f46d8ec3073066504d27460d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
334e975e0c38313ff9b49c144ff29af011efcd62cccd3836911899d9f80f544c
34455c2915ed5879e7a5b8c27b5bc17fe3c7cd320154d33ca736c6d6b9f0b966
35aef692e248a4cb9a2ded3a51d8555ab8bf3878ff5126794a30a9a854b167b2
366b21fc3ec34bf9eec0f9ab948f94f1401731a0d4b3021219256d59bfa71744
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3e79a4b169212f829483d2a496b4b0a11f4b13491551824cda83f24bdcabe0be
3ea5fddae8e57177771ffab5a1a733382a48bb953058e30f5fc797384420ef8a
3fe8c79d67b21039a5d059ef40761950fb76e1d17933d61509f7eb3c68f5aeeb
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43413e6af5053d9f69d2f75fea6bfd1c979a4a9105d086f2fe72749427324325
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
43cbe861b09360a856de530e3aac37acab9201d0eb166c906b26e0f71fc6ff23
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
46b2dc3fc5e9ccbcde38dfcc96d4545befae794ae947ea3602693f2e7126b057
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47aa507aa520ddf600e955596eb5b75a117eba68760dc9b10c5cbdebff98a9f0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b
4c5126e8f47730475e6e5c43726efb65cad3a3c0967e8c981da8f93cb39a0923
4d13df09971c4b14ec956843d7d49207f895970f9a1ac3e11db54644e2b291d7
4db1498122d70c1d19ed25877bd48915a28685d171ee00a451d98d975c5be06e
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
502a108cf58864ad89b2f80c3b31b78fa81b528971a739ed26aa4fb3d2793d0b
504d64a2476069f995990d329a77a287b0177cd33022d9c3878b5aeee479f559
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b3b49129a7edc13ca1a84b87cc515e6cde7eb02eac37c110f35b5bdf3ce08b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5618c2b5cc448b4ae89ab1f5529d1ca3316fa7d57c24bdb1ee3912a6f8a8370d
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
59b036fb5e133a03feca939ab701a5eae28842f15573265dc8da1bfd5d100e6b
5d59372b6612612e1f165c140beb8e541b9becfa771862e2d61376252a2ba91f
5ef515e1b371b23c4085d94056141b89b0eb3d94aeec1f1734f1e5509f9a7fd6
5f6f9d0243502b97869f93bdaf732854b64f720e7b0aaea1268c8a063131d953
604ce00ba927ab896cfc8aad7464646a084d193cbdc2a3465332f3a018a524f4
60d0795157a1b159ee704273c6b08655223daf1af42c74fe0d1810659656fc7f
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
627e606f15626af32faeab8c25e54120ffb5ac4613bcef4b6870400fa5155938
64475ae388b869e2b3bd1398e964290e9383a60273f821e6d269b8ff3142df59
64511eb16b26a657642ebf4cdda009893f812c71d87b3eaf9ede851b2d2fa928
6522c0242f51b2366e7744699a84febb429ed3b897cf29543741696abdd01dba
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66dfd53134d5f32c3f4b280c7e7c7aa4e64600ea3ed8d2e15d4ae3b5ac1e93af
673739567d4e078e44b24e91337e7169f2b032164643a85bb63a7428983ca1b2
68c07d87bd0729b566fb75502a5849862d04cdf5d7efd7aff874e14cba67ac9d
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
69add396e7dc99b73d5fde0017feafa8d3b507167c9a5b50880098a214a693c2
6ae81817c90052995774cacf096b367d746225338fcbbdf50031aec87f6165ac
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6f228f2615014423a167fc9589898895237094e70c8144b0a0cfc8ccfd4f0b90
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73782e2e54a6b413ad1b7fa4e79762de185a2e875ab1431a2723bbf09db76aa2
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
7670e56b1db7c758ad70fd115508d59816ec2912d4e0e6e7bc57466a1eb3071f
78a91086c24252d1d3cc323ea4e63faabdeb170fdc15fe693ad578903a372276
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7bd2b0383313e59c2040f3ffabad72827f2893e19e1a0b21493308352a6176fb
7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2
7fbb02a8689502c57cc95264b92f335fa622b90163a8ce934ad48e143fbf6170
8183c453233c51165f711954aa6338f5252b0adee8803b6831c72e860ecab99f
823d6160788579edfcfef033a469a0b8f1ae6f267dbe4e961cf79df6150085de
82940fb573ac2ac439d1c853b8d1eb511fa99ba15874876f2d3a7bd4d3a781b4
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
85d3987a45a0fdca18652344761e0dce4f3616d51f7788ad3447c18a8eea5291
86478477db1719587594c77bc8237f1c63c42ef43bc42cc13a0bb703dc5e7466
89bf977bb42741e588dcd51a727778a7e29e13a0836540e7931afd0d68cd959f
89f34b3bc1c9a0181dffc795420e5e13874189f4f65c42f1523c882db1516c87
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8bf0d2c69528a0cc348d3341cbfd51f7ea2ec2e50f21d5c51d3c2bd1e55b9019
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
918a20b6cf86739e4ad9114f32e0ee80d62043adb057e53622fc60a280efefc8
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
96344c48276b6477946734dfa6f60c187fa33d371c0f4bc2156edc0e2868617c
97a04111131a2f57d0704bf8310372af7036da3da03cd953b0dea3a8344a563e
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99ba176e70f96585027ce94e6252af09477cd844c26edc0e7a27dd2dc17e21a0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a2153631f29ad5433df476a048872a134b1bec1aab8e9fff3bc4893b199b087
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ae1b9f867c5a14924d3d6b09e57f7451a00917838dd127af0782a07551e3d58
9e9ea9de956a9a5df6641d231822c8bd31112a29cb59fe49f069d13ec70c02cd
9f03dafbda98679417d95c38d95c01238a260f829bd93fba2c13deb981993646
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9fac3e33c9cfb1292e532ff09ff978a92bcccd41a1bd79c6a13dc5631c712a8c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4660d41501170b9554d6e9929816eeb5716bb6feb4895b82e6f99f2792ccede
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7fe9347c265a8ef227a2c0e3e0e6e62e75f14784355f556fa9ddb864c5753f6
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa0e93d2bfd1900f9c7f479ab923c0ca2acabba511edba5a95a7fa35b5b50abf
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac58943049ed7f7b2da5eba6eebdac9aa4cb31ce889a33d9a0a91ef67f2539e0
aed7a92bf9a41409a831ee87c89a1ebd36e8ad8ab525bbc0acc197b55f99ffe6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28074a3952bb3856a5626f277fbb9347853e1a1f315da2bc5c77961ca8c78c4
b2a8c7a526e508ed097c67d481cf59e2c6e776e9304eeba54272674e106602fc
b462050e1ddbef4d37b79d23368bbfdaaf9ce0b6fad349d734b1b8ceb50432e6
b47aea03ab095b6ed724fa618bab70114990ebd77725eb481e9791b288f8957b
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b751fd7299a5b35c94cfea53d69ff419b86c0b473938fff8b810c4fecac9d293
b7dee2c7a457dff4e07dc04013a73bd77f3a618f5b2fc21462afdeba5440b590
bba2d5622e1a33c1bd924e07f396c234a390f0bf9bb5fd1394521df422ad3607
bd13a5739ffb43246a920dfeaa52deffb797f5fc746e876a465b22bff98fdf9c
bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059
c0e5c83e391c8a3692d93b77eb0b60f62c8ff8de4567e17610811d6fd2790bf3
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c522019dd6dacad7774748168a9f6e2af6db34134027dd14aa79a1b878000dc0
c6185dace2f080c93c07b0d2c05ebfbe8e0dd7ebcf4178bb9e34b9425ab0b629
c7da916892d7eec7777541231cf3d955c4169bf11e1c591a6b712b2e55684ed8
ca0c4c647c2336b30ffb19a4a961547b9cdf0677d30ec71ba03c6650119de633
ca97fafd6a87f7cfe9c8d4fea8a137df30556c0de1656f414b0d3f1cc36ecee3
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf8a98caaa1c86827f1d06979e4134451343865dc845c78de1a4928e85d853d6
cff3081296b0052e0adadc4324a8ae7f9d129988c8d844c98831e4700f477692
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2b183bab67f6ccec7a73145d7553a3e3294d470b0d49bda1ee5de802b590394
d7b66acb0c96567acc8707b2473c308c2cb90430df021e86b9c6161e60e3e752
d8e8b70424cd0f3f1f5a9285e3b0d2a0d5546f371544550969facf69b81a0d90
d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a
d9e80d4fa55b271b85d038e5374dd1ae917be12e19d4df799117aa59728ed900
db321450e4f40e971f437d92f1319b16ad3d78a653aaa2283b96e356096706f7
de15475770503c4b998a1fd7857d6d1f0f651a317611b4171f6e88b71b83ef15
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfff719121416860b3750df6d256891c258e27731f2a12389791f91d63fe0f68
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1968b6a6fd537407945be55f513e49d543f4ce1005d201762fbf4eb14157a0f
e2a387f6a7cdac265c90c59daa4f30eeb1d183b8bcce4858384ab51d33c94533
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6c7d3682a804c3d533e49db3c067727acc4573079e81fe0757653b27304b8e1
e9472f91207392e99937e603f1bd39a35854bb41f2dc0ca306728b874ad7628c
eb5f2fd2309d60d2a023434cc60816bc6e654149ef44685b8ce82e9ad99a0173
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec24c22b9203d16dbd13f6f6898ec8b39c5b2fb7f6ef5571b9f2481bbdb862f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef885a2c88940c5eebfc428297f976f6c8a403d3c88ea61ee546f96d15700685
f2a78ec0800976a7fbcd2f14881e6be9588f6f95d7e2ebcae41236f6ecfe3206
f532b1d4c30d3692c9d58690f83c1e9d2d17851ad0aecaccab8dbc8f00744440
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f92cee4eb3aeb8b873546b796fad159dfe9b60e65b2f1cbe38b904f79af44726

newsmoi24h.com Open in urlscan Pro 2606:4700:3036::ac43:bdba Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

407 Requests

91 %HTTPS

52 %IPv6

43 Domains

69 Subdomains

54 IPs

7 Countries

7120 kBTransfer

17752 kBSize

30 Cookies

1 Outgoing links

Redirected requests

407 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

newsmoi24h.com Open in urlscan Pro
2606:4700:3036::ac43:bdba Public Scan

Screenshot
Live screenshot

Full Image

407
Requests

91 %
HTTPS

52 %
IPv6

43
Domains

69
Subdomains

54
IPs

7
Countries

7120 kB
Transfer

17752 kB
Size

30
Cookies

407 HTTP transactions
15 data transactions